Lucene search
CiscoCVE-2014-3345HistoryAug 28, 2014 - 11:55 p.m.
CVE-2014-3345
2014-08-2823:55:05
CWE-264
cisco
web.nvd.nist.gov
20
cisco
transport gateway
smart call home
bug id
cscuq31503
cve-2014-3345
nvd
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
AI Score
6.8
Confidence
Low
EPSS
0.005
Percentile
75.7%
The web framework in Cisco Transport Gateway for Smart Call Home (aka TG-SCH or Transport Gateway Installation Software) 4.0 does not properly check authorization for administrative web pages, which allows remote attackers to modify the product via a crafted URL, aka Bug ID CSCuq31503.
Affected configurations
Node
ciscotransport_gateway_installation_softwareMatch4.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | transport_gateway_installation_software | 4.0 | cpe:2.3:a:cisco:transport_gateway_installation_software:4.0:*:*:*:*:*:*:* |
Related
prion
prion
Authorization
2014-08-28 23:55:00
cvelist
cvelist
CVE-2014-3345
2014-08-28 23:00:00
cisco
cisco
nvd
nvd
CVE-2014-3345
2014-08-28 23:55:05
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
AI Score
6.8
Confidence
Low
EPSS
0.005
Percentile
75.7%
Related for CVE-2014-3345