PT-2014-3805 · Cisco · Cisco Unified Communications Manager
Publicado
2014-02-27
·
Atualizado
2015-07-29
·
CVE-2014-0741
CVSS v2.0
6.2
Média
| Vetor | AV:L/AC:L/Au:S/C:C/I:C/A:N |
Name of the Vulnerable Software and Affected Versions
Cisco Unified Communications Manager versions prior to 10.0(1)
Description
The certificate-import feature in the Certificate Authority Proxy Function (CAPF) CLI implementation has an issue that allows local users to read or modify arbitrary files via a crafted command.
Recommendations
For versions prior to 10.0(1), update to a version that contains a fix for this issue to prevent local users from reading or modifying arbitrary files.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Cisco Unified Communications Manager