CVE-2014-0732
Published Feb 20, 2014
Last updated 11 years ago
Overview
- Description
- The Real Time Monitoring Tool (RTMT) web application in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier does not properly enforce authentication requirements, which allows remote attackers to read application files via a direct request to a URL, aka Bug ID CSCum46495.
- Source
- ykramarz@cisco.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-287
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0F66EDBF-F735-4E44-B650-39FCE806535A",
"versionEndIncluding": "10.0\\(1\\)"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:3.3\\(5\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9B9DA1F8-FA05-4380-8EFF-AF9FEF18FF2E"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:3.3\\(5\\)sr1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "65BB9155-89E5-4D54-AF1B-D5CA38392D5D"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:3.3\\(5\\)sr2a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2A76CD6B-0C24-4F5F-B4BB-BA114150A7F1"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:4.1\\(3\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F9BD08CD-9169-4B1E-A6DE-B138E6AB533C"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:4.1\\(3\\)sr1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DFFD96E3-B19F-41B7-86FD-DBFD41382C28"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:4.1\\(3\\)sr2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0E9BF838-87A2-43B8-975B-524D7F954BF5"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:4.1\\(3\\)sr3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9600EA23-5428-4312-A38E-480E3C3228BF"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:4.1\\(3\\)sr4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "57F5547E-F9C8-4F9C-96A1-563A66EE8D48"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:4.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E6C20851-DC17-4E89-A6C1-D1B52D47608F"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:4.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BC830649-C0D4-4FFC-8701-80FB4A706F58"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:4.2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "935D2815-7146-4125-BDBE-BFAA62A88EC9"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:4.2.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6BF54827-75E6-4BA0-84F0-0EC0E24A4A73"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:4.2.3sr1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6C8628E7-D3C8-4212-B0A5-6B5AC14D6101"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:4.2.3sr2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "19432E5E-EA68-4B7A-8B99-DEBACBC3F160"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:4.2.3sr2b:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ABE4CD8E-F27C-4F96-B955-FC1E71B5D55B"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:4.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "577571D6-AC59-4A43-B9A5-7B6FC6D2046C"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:10.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "725D3E7D-6EF9-4C13-8B30-39ED49BBC8E3"
}
],
"operator": "OR"
}
]
}
]