Published: 11/08/2014 Updated: 29/08/2017

CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8

VMScore: 356

Vector: AV:N/AC:L/Au:S/C:N/I:P/A:N

Cisco Unified Communications Manager (CM) 8.6(.2) and previous versions has an incorrect CLI restrictions setting, which allows remote authenticated users to establish undetected concurrent logins via unspecified vectors, aka Bug ID CSCup98029.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco unified communications manager

A vulnerability in the CLI restrictions setting of Cisco Unified Communications Manager could allow an authenticated, remote attacker to remain undetected as an authenticated user The vulnerability is due to improper sanitization of authenticated users Cisco has confirmed the vulnerability in a security notice; however, software updates are not ...

NVD-CWE-noinfo http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3332 http://tools.cisco.com/security/center/viewAlert.x?alertId=35198 http://www.securitytracker.com/id/1030687 http://www.securityfocus.com/bid/69068 https://exchange.xforce.ibmcloud.com/vulnerabilities/95136 https://nvd.nist.gov http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20140807-CVE-2014-3332

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2014-3332

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect