Back to search
CVE-2014-0657
Published: Jan 8, 2014
Modified: Aug 6, 2024
PUBLISHED
Description
The administration portal in Cisco Unified Communications Manager (Unified CM) 9.1(1) and earlier does not properly handle role restrictions, which allows remote authenticated users to bypass role-based access control via multiple visits to a forbidden portal URL, aka Bug ID CSCuj83540.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
101800
vdb-entry
x_refsource_OSVDB
cisco-ucm-cve20140657-sec-bypass(90120)
vdb-entry
x_refsource_XF
56368
third-party-advisory
x_refsource_SECUNIA
20140107 Cisco Unified Communications Manager Role Bypass Vulnerability
vendor-advisory
x_refsource_CISCO
http://tools.cisco.com/security/center/viewAlert.x?alertId=32341
x_refsource_CONFIRM
64690
vdb-entry
x_refsource_BID
1029571
vdb-entry
x_refsource_SECTRACK
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now