CiscoWorks Common Management Foundation (CMF) 2.1 and previous versions allows the guest user to gain administrative privileges via a certain POST request to com.cisco.nm.cmf.servlet.CsAuthServlet, possibly involving the "cmd" parameter with a modifyUser value and a modified "priviledges" parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco resource manager 1.1 |
||
cisco resource manager essentials 2.1 |
||
cisco resource manager essentials 2.2 |
||
cisco resource manager 1.0 |
||
cisco resource manager essentials 2.0 |
||
cisco ciscoworks cd1 1st |
||
cisco ciscoworks cd1 3rd |
||
cisco ciscoworks common management foundation 2.0 |
||
cisco ciscoworks cd1 4th |
||
cisco ciscoworks cd1 5th |
||
cisco ciscoworks common management foundation 2.1 |
||
cisco ciscoworks cd1 2nd |