CVE-2014-3292

Published: 10/06/2014 Updated: 08/09/2016

CVSS v2 Base Score: 5.5 | Impact Score: 4.9 | Exploitability Score: 8

VMScore: 490

Vector: AV:N/AC:L/Au:S/C:P/I:N/A:P

A vulnerability in the Real-Time Monitoring Tool (RTMT) of Cisco Unified Communications Manager could allow an authenticated, remote malicious user to download or delete files from arbitrary locations on the filesystem. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by submitting crafted URL requests to a vulnerable device. Cisco has confirmed the vulnerability in a security notice and software updates are available. To exploit this vulnerability, an attacker must authenticate to an affected device. This access requirement decreases the likelihood of a successful exploit.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco unified communications manager

A vulnerability in the Real-Time Monitoring Tool (RTMT) of Cisco Unified Communications Manager could allow an authenticated, remote attacker to download or delete files from arbitrary locations on the filesystem The vulnerability is due to insufficient input validation An attacker could exploit this vulnerability by submitting crafted URL requ ...

CWE-20 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3292 http://secunia.com/advisories/58315 http://tools.cisco.com/security/center/viewAlert.x?alertId=34574 http://www.securitytracker.com/id/1030408 https://nvd.nist.gov http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20140610-CVE-2014-3292

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2014-3292

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect