CVE-2014-0651

Published: Jan 8, 2014Modified: Apr 29, 2026

4.9

Vector

AV:N/AC:M/Au:S/C:P/I:P/A:N

Exploitability: 6.8 / Impact: 4.9

Source: NVD

Description

The administrative interface in Cisco Context Directory Agent (CDA) does not properly enforce authorization requirements, which allows remote authenticated users to obtain administrative access by hijacking a session, aka Bug ID CSCuj45347.

Affected (1)

Products: Cisco: Context Directory Agent

Cisco

1 product

Context Directory Agent

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Cisco Context Directory Agent	All versions

Related CWEs

CWE-264

References (14)

http://osvdb.org/101809

Source: psirt@cisco.com

http://secunia.com/advisories/56365

Source: psirt@cisco.com

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0651

Source: psirt@cisco.com

Vendor Advisory

http://tools.cisco.com/security/center/viewAlert.x?alertId=32364

Source: psirt@cisco.com

Vendor Advisory

http://www.securityfocus.com/bid/64706

Source: psirt@cisco.com

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1029573

Source: psirt@cisco.com

Third Party AdvisoryVDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/90166

Source: psirt@cisco.com

http://osvdb.org/101809