Lucene search
CiscoCVE-2014-0743HistoryFeb 27, 2014 - 1:55 a.m.
CVE-2014-0743
2014-02-2701:55:03
CWE-287
cisco
web.nvd.nist.gov
27
capf
cisco
unified communications manager
authentication bypass
crafted data
cve-2014-0743
nvd
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
AI Score
6.9
Confidence
Low
EPSS
0.003
Percentile
65.6%
The Certificate Authority Proxy Function (CAPF) component in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to bypass authentication and modify registered-device information via crafted data, aka Bug ID CSCum95468.
Affected configurations
Node
ciscounified_communications_managerRange≤10.0\(1\)
ORciscounified_communications_managerMatch3.3\(5\)
ORciscounified_communications_managerMatch3.3\(5\)sr1
ORciscounified_communications_managerMatch3.3\(5\)sr2a
ORciscounified_communications_managerMatch4.1\(3\)
ORciscounified_communications_managerMatch4.1\(3\)sr1
ORciscounified_communications_managerMatch4.1\(3\)sr2
ORciscounified_communications_managerMatch4.1\(3\)sr3
ORciscounified_communications_managerMatch4.1\(3\)sr4
ORciscounified_communications_managerMatch4.2
ORciscounified_communications_managerMatch4.2.1
ORciscounified_communications_managerMatch4.2.2
ORciscounified_communications_managerMatch4.2.3
ORciscounified_communications_managerMatch4.2.3sr1
ORciscounified_communications_managerMatch4.2.3sr2
ORciscounified_communications_managerMatch4.2.3sr2b
ORciscounified_communications_managerMatch4.3
ORciscounified_communications_managerMatch10.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | unified_communications_manager | * | cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:* |
| cisco | unified_communications_manager | 3.3(5) | cpe:2.3:a:cisco:unified_communications_manager:3.3\(5\):*:*:*:*:*:*:* |
| cisco | unified_communications_manager | 3.3(5)sr1 | cpe:2.3:a:cisco:unified_communications_manager:3.3\(5\)sr1:*:*:*:*:*:*:* |
| cisco | unified_communications_manager | 3.3(5)sr2a | cpe:2.3:a:cisco:unified_communications_manager:3.3\(5\)sr2a:*:*:*:*:*:*:* |
| cisco | unified_communications_manager | 4.1(3) | cpe:2.3:a:cisco:unified_communications_manager:4.1\(3\):*:*:*:*:*:*:* |
| cisco | unified_communications_manager | 4.1(3)sr1 | cpe:2.3:a:cisco:unified_communications_manager:4.1\(3\)sr1:*:*:*:*:*:*:* |
| cisco | unified_communications_manager | 4.1(3)sr2 | cpe:2.3:a:cisco:unified_communications_manager:4.1\(3\)sr2:*:*:*:*:*:*:* |
| cisco | unified_communications_manager | 4.1(3)sr3 | cpe:2.3:a:cisco:unified_communications_manager:4.1\(3\)sr3:*:*:*:*:*:*:* |
| cisco | unified_communications_manager | 4.1(3)sr4 | cpe:2.3:a:cisco:unified_communications_manager:4.1\(3\)sr4:*:*:*:*:*:*:* |
| cisco | unified_communications_manager | 4.2 | cpe:2.3:a:cisco:unified_communications_manager:4.2:*:*:*:*:*:*:* |
Related
cisco
cisco
cvelist
cvelist
CVE-2014-0743
2014-02-27 01:00:00
prion
prion
Authentication flaw
2014-02-27 01:55:00
nvd
nvd
CVE-2014-0743
2014-02-27 01:55:03
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
AI Score
6.9
Confidence
Low
EPSS
0.003
Percentile
65.6%
Related for CVE-2014-0743