Lucene search

CiscoCVE-2014-3319

HistoryJul 14, 2014 - 9:55 p.m.

CVE-2014-3319

2014-07-1421:55:05

CWE-22

cisco

web.nvd.nist.gov

cve

2014

3319

directory traversal

vulnerability

cisco

unified communications manager

remote authenticated users

crafted url

nvd

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:C/I:N/A:N

AI Score

6.3

Confidence

Low

EPSS

0.002

Percentile

54.9%

JSON

Directory traversal vulnerability in the Real-Time Monitoring Tool (RTMT) in Cisco Unified Communications Manager (CM) 10.0(1) allows remote authenticated users to read arbitrary files via a crafted URL, aka Bug ID CSCup57676.

Affected configurations

Nvd

Node

ciscounified_communications_managerMatch10.0\(1\)

VendorProductVersionCPE
ciscounified_communications_manager10.0(1)cpe:2.3:a:cisco:unified_communications_manager:10.0\(1\):*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	unified_communications_manager	10.0(1)	cpe:2.3:a:cisco:unified_communications_manager:10.0\(1\):::::::*

References

secunia.com/advisories/59734

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3319

tools.cisco.com/security/center/viewAlert.x?alertId=34909

www.securitytracker.com/id/1030554

exchange.xforce.ibmcloud.com/vulnerabilities/94436

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:C/I:N/A:N

AI Score

6.3

Confidence

Low

EPSS

0.002

Percentile

54.9%

JSON

Related for CVE-2014-3319