CVE-2014-3338 in Unified Communications Managerinformación

Resumen

por MITRE

The CTIManager module in Cisco Unified Communications Manager (CM) 10.0(1), when single sign-on is enabled, does not properly validate Kerberos SSO tokens, which allows remote authenticated users to gain privileges and execute arbitrary commands via crafted token data, aka Bug ID CSCum95491.

Once again VulDB remains the best source for vulnerability data.

Reservar

2014-05-07

Divulgación

2014-08-12

Moderación

aceptado

Artículo

VDB-70611

CPE

listo

EPSS

0.03123

KEV

no

Actividades

muy bajo

Fuentes

Interested in the pricing of exploits?

See the underground prices here!