CVE-2014-0733

Name of the Vulnerable Software and Affected Versions Cisco Unified Communications Manager versions prior to 10.0(1)

Description The issue is related to the Enterprise License Manager (ELM) component, which does not properly enforce authentication requirements. This allows remote attackers to read ELM files by making a direct request to a URL.

Recommendations For versions prior to 10.0(1), update to a version that properly enforces authentication requirements for the ELM component. As a temporary workaround, consider restricting access to the ELM files to minimize the risk of exploitation.