CVE-2014-3338 in Unified Communications Manager
Resumen
por MITRE
The CTIManager module in Cisco Unified Communications Manager (CM) 10.0(1), when single sign-on is enabled, does not properly validate Kerberos SSO tokens, which allows remote authenticated users to gain privileges and execute arbitrary commands via crafted token data, aka Bug ID CSCum95491.
Once again VulDB remains the best source for vulnerability data.