Lucene search

CiscoCVE-2013-3433

HistoryJul 18, 2013 - 12:48 p.m.

CVE-2013-3433

2013-07-1812:48:56

cisco

web.nvd.nist.gov

cisco

unified communications manager

cucm

vulnerability

privileges

bug id

cscui02276

nvd

CVSS2

6.8

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:S/C:C/I:C/A:C

AI Score

6.7

Confidence

Low

EPSS

Percentile

5.1%

JSON

Untrusted search path vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allows local users to gain privileges by leveraging unspecified file-permission and environment-variable issues for privileged programs, aka Bug ID CSCui02276.

Affected configurations

Nvd

Node

ciscounified_communications_managerMatch7.1\(2a\)

ciscounified_communications_managerMatch7.1\(2a\)su1

ciscounified_communications_managerMatch7.1\(2b\)

ciscounified_communications_managerMatch7.1\(2b\)su1

ciscounified_communications_managerMatch7.1\(3\)

ciscounified_communications_managerMatch7.1\(3a\)

ciscounified_communications_managerMatch7.1\(3a\)su1

ciscounified_communications_managerMatch7.1\(3a\)su1a

ciscounified_communications_managerMatch7.1\(3b\)

ciscounified_communications_managerMatch7.1\(3b\)su1

ciscounified_communications_managerMatch7.1\(3b\)su2

ciscounified_communications_managerMatch7.1\(5\)

ciscounified_communications_managerMatch7.1\(5\)su1

ciscounified_communications_managerMatch7.1\(5\)su1a

ciscounified_communications_managerMatch7.1\(5a\)

ciscounified_communications_managerMatch7.1\(5b\)

ciscounified_communications_managerMatch7.1\(5b\)su1

ciscounified_communications_managerMatch7.1\(5b\)su1a

ciscounified_communications_managerMatch7.1\(5b\)su2

ciscounified_communications_managerMatch7.1\(5b\)su3

ciscounified_communications_managerMatch7.1\(5b\)su4

ciscounified_communications_managerMatch7.1\(5b\)su5

ciscounified_communications_managerMatch7.1\(5b\)su6

Node

ciscounified_communications_managerMatch8.0

ciscounified_communications_managerMatch8.0\(1\)

ciscounified_communications_managerMatch8.0\(2\)

ciscounified_communications_managerMatch8.0\(2a\)

ciscounified_communications_managerMatch8.0\(2b\)

ciscounified_communications_managerMatch8.0\(2c\)

ciscounified_communications_managerMatch8.0\(2c\)su1

ciscounified_communications_managerMatch8.0\(3\)

ciscounified_communications_managerMatch8.0\(3a\)

ciscounified_communications_managerMatch8.0\(3a\)su1

ciscounified_communications_managerMatch8.0\(3a\)su2

ciscounified_communications_managerMatch8.0\(3a\)su3

Node

ciscounified_communications_managerMatch8.5

ciscounified_communications_managerMatch8.5\(1\)

ciscounified_communications_managerMatch8.5\(1\)su1

ciscounified_communications_managerMatch8.5\(1\)su2

ciscounified_communications_managerMatch8.5\(1\)su3

ciscounified_communications_managerMatch8.5\(1\)su4

ciscounified_communications_managerMatch8.5\(1\)su5

Node

ciscounified_communications_managerMatch8.6

ciscounified_communications_managerMatch8.6\(1\)

ciscounified_communications_managerMatch8.6\(1a\)

ciscounified_communications_managerMatch8.6\(2\)

ciscounified_communications_managerMatch8.6\(2a\)

ciscounified_communications_managerMatch8.6\(2a\)su1

ciscounified_communications_managerMatch8.6\(2a\)su2

ciscounified_communications_managerMatch8.6\(2a\)su3

ciscounified_communications_managerMatch8.6\(3\)

ciscounified_communications_managerMatch8.6\(4\)

Node

ciscounified_communications_managerMatch9.0\(1\)

ciscounified_communications_managerMatch9.1\(1\)

ciscounified_communications_managerMatch9.1\(1a\)

ciscounified_communications_managerMatch9.1.1\(a\)

VendorProductVersionCPE
ciscounified_communications_manager7.1%282b%29su1cpe:/a:cisco:unified_communications_manager:7.1%282b%29su1:::
ciscounified_communications_manager7.1%285%29su1acpe:/a:cisco:unified_communications_manager:7.1%285%29su1a:::
ciscounified_communications_manager7.1%282b%29cpe:/a:cisco:unified_communications_manager:7.1%282b%29:::
ciscounified_communications_manager7.1%285%29su1cpe:/a:cisco:unified_communications_manager:7.1%285%29su1:::
ciscounified_communications_manager7.1%285b%29su4cpe:/a:cisco:unified_communications_manager:7.1%285b%29su4:::
ciscounified_communications_manager7.1%283b%29su1cpe:/a:cisco:unified_communications_manager:7.1%283b%29su1:::
ciscounified_communications_manager7.1%282a%29cpe:/a:cisco:unified_communications_manager:7.1%282a%29:::
ciscounified_communications_manager7.1%285b%29su1acpe:/a:cisco:unified_communications_manager:7.1%285b%29su1a:::
ciscounified_communications_manager7.1%283a%29su1cpe:/a:cisco:unified_communications_manager:7.1%283a%29su1:::
ciscounified_communications_manager7.1%282a%29su1cpe:/a:cisco:unified_communications_manager:7.1%282a%29su1:::

Vendor	Product	Version	CPE
cisco	unified_communications_manager	7.1%282b%29su1	cpe:/a:cisco:unified_communications_manager:7.1%282b%29su1:::
cisco	unified_communications_manager	7.1%285%29su1a	cpe:/a:cisco:unified_communications_manager:7.1%285%29su1a:::
cisco	unified_communications_manager	7.1%282b%29	cpe:/a:cisco:unified_communications_manager:7.1%282b%29:::
cisco	unified_communications_manager	7.1%285%29su1	cpe:/a:cisco:unified_communications_manager:7.1%285%29su1:::
cisco	unified_communications_manager	7.1%285b%29su4	cpe:/a:cisco:unified_communications_manager:7.1%285b%29su4:::
cisco	unified_communications_manager	7.1%283b%29su1	cpe:/a:cisco:unified_communications_manager:7.1%283b%29su1:::
cisco	unified_communications_manager	7.1%282a%29	cpe:/a:cisco:unified_communications_manager:7.1%282a%29:::
cisco	unified_communications_manager	7.1%285b%29su1a	cpe:/a:cisco:unified_communications_manager:7.1%285b%29su1a:::
cisco	unified_communications_manager	7.1%283a%29su1	cpe:/a:cisco:unified_communications_manager:7.1%283a%29su1:::
cisco	unified_communications_manager	7.1%282a%29su1	cpe:/a:cisco:unified_communications_manager:7.1%282a%29su1:::