Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
CVE-2014-0657
CVE information
Published
Last Modified
CVSSv2.0 Severity
Impact Analysis
Description
The administration portal in Cisco Unified Communications Manager (Unified CM) 9.1(1) and earlier does not properly handle role restrictions, which allows remote authenticated users to bypass role-based access control via multiple visits to a forbidden portal URL, aka Bug ID CSCuj83540..
CVSSv2.0 Score
- Severity
- Medium
- Base Score
- 4/10
- Exploit Score
- 8/10
- Access Vector
- Network
- Access Complexity
- Low
- Authentication Required
- Single
- Impact Score
- 2.9/10
- Confidentiality Impact
- Partial
- Availability Impact
- None
- Integrity Impact
- None
Products Affected
CPE | Affected | Vulnerable | Excluding | Edit |
---|---|---|---|---|
cpe:2.3:a:cisco:unified_communications_manager:8.6\(1\):*:*: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:8.5\(1\):*:*: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:5.1\(3e\):*:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:6.1\(3a\):*:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:8.0\(2c\):*:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:5.1\(3c\):*:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:6.1\(2\):*:*: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:8.6\(2a\)su1: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:5.1\(2a\):*:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:8.5\(1\)su4:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:6.1\(3b\)su1: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:4.2.3sr2:*:*: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:3.3\(5\):*:*: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:7.1\(2b\)su1: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:8.6\(2\):*:*: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:8.6\(4\):*:*: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:8.6\(2a\):*:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:6.0\(1\):*:*: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:7.1\(5b\)su6: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:8.0\(2\):*:*: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:5.1\(1b\):*:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:8.0\(3a\)su3: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:8.5\(1\)su5:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:7.1\(2b\):*:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:8.5\(1\)su2:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:5.1\(1c\):*:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:4.1\(3\)sr1:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:7.1\(5b\)su4: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:6.1\(2\)su1a: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:5.1\(2\):*:*: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:7.1\(3b\):*:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:6.1\(4\)su1:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:8.6:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:8.0\(2b\):*:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:6.1\(4\):*:*: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:5.0:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:7.1\(2a\)su1: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:7.1\(3b\)su1: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:4.2.3sr1:*:*: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:7.1\(3a\)su1a |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:8.6\(2a\)su2: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:4.1\(3\)sr2:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:7.1\(5b\)su1: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:6.1\(5\)su1:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:5.1\(2b\):*:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:6.1\(4a\):*:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:7.1\(5b\)su3: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:4.1\(3\):*:*: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:8.6\(2a\)su3: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:6.1\(5\)su2:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:4.2:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:4.3:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:4.2.3:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:6.1\(3\):*:*: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:7.1\(3\):*:*: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:4.1\(3\)sr4:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:6.1\(4a\)su2: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:4.2.1:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:7.1\(2a\):*:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:6.1\(1\):*:*: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:7.1\(5b\):*:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:5.1\(3d\):*:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:5.1.2:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:8.0\(3a\)su2: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:7.0\(2a\):*:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:8.6\(1a\):*:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:8.0:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:8.5\(1\)su3:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:3.3\(5\)sr2a: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:7.0\(1\)su1:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:9.0\(1\):*:*: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:7.0\(1\)su1a: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:7.1\(5b\)su2: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:4.2.2:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:7.1\(5\):*:*: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:4.3\(1\):*:*: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:7.1\(5a\):*:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:4.1\(3\)sr3:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:6.1\(1b\):*:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:6.1\(3b\):*:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:7.0\(2a\)su2: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:5.1\(3\):*:*: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:6.1\(5\):*:*: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:6.1\(5\)su3:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:8.0\(3\):*:*: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:7.1\(5b\)su1a |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:7.1\(5\)su1a: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:8.0\(2a\):*:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:6.0\(1a\):*:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:8.5:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:7.1\(5\)su1:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:6.0\(1b\):*:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:5.1\(1\):*:*: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:8.0\(3a\):*:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:7.1\(3a\):*:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:6.1\(2\)su1:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:3.3\(5\)sr1:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:7.1\(5b\)su5: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:7.0\(2a\)su1: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:5.1\(3a\):*:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:7.1\(3a\)su1: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:6.0:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:8.6\(3\):*:*: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:5.1:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:8.0\(2c\)su1: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:4.2.3sr2b:*:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:6.1\(1a\):*:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:8.5\(1\)su1:* |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:7.0\(2\):*:*: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:8.0\(1\):*:*: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:8.0\(3a\)su1: |
Yes
|
- | - | |
cpe:2.3:a:cisco:unified_communications_manager:7.1\(3b\)su2: |
Yes
|
- | - |
References
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0657
- http://tools.cisco.com/security/center/viewAlert.x?alertId=32341
- http://www.securitytracker.com/id/1029571
- http://www.securityfocus.com/bid/64690
- http://osvdb.org/101800
- http://secunia.com/advisories/56368
- https://exchange.xforce.ibmcloud.com/vulnerabilities/90120