4
CVSSv2

CVE-2014-3332

Published: 11/08/2014 Updated: 29/08/2017
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
VMScore: 356
Vector: AV:N/AC:L/Au:S/C:N/I:P/A:N

Vulnerability Summary

Cisco Unified Communications Manager (CM) 8.6(.2) and previous versions has an incorrect CLI restrictions setting, which allows remote authenticated users to establish undetected concurrent logins via unspecified vectors, aka Bug ID CSCup98029.

Vulnerable Product Search on Vulmon Subscribe to Product

cisco unified communications manager

Vendor Advisories

A vulnerability in the CLI restrictions setting of Cisco Unified Communications Manager could allow an authenticated, remote attacker to remain undetected as an authenticated user The vulnerability is due to improper sanitization of authenticated users Cisco has confirmed the vulnerability in a security notice; however, software updates are not ...