CVE-2014-3338 in Unified Communications Manager
摘要
由 VulDB • 2026-06-18
Cisco Unified Communications Manager (CM) 10.0(1) 中的 CTIManager 模块在启用单点登录(SSO)时,未能正确验证 Kerberos SSO 令牌,导致远程经过身份验证的用户可以通过构造的令牌数据提升权限并执行任意命令,即 Bug ID CSCum95491。
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.