← Back

CVE-2014-0657

nvd nist
Published: Jan 8, 2014Modified: Apr 29, 2026

JSON object

Loading...
4.0
Vector
AV:N/AC:L/Au:S/C:P/I:N/A:N
Exploitability: 8.0 / Impact: 2.9
Source: NVD

Description

The administration portal in Cisco Unified Communications Manager (Unified CM) 9.1(1) and earlier does not properly handle role restrictions, which allows remote authenticated users to bypass role-based access control via multiple visits to a forbidden portal URL, aka Bug ID CSCuj83540.

Affected (113)

Cisco
1 product
Unified Communications Manager
Configuration A
113 vulnerable
Vulnerable SoftwareAffected Versions
Cisco
Unified Communications Manager
Up to 9.1\(1\)
Unified Communications Manager
Version 3.3(5)
Unified Communications Manager
Version 3.3(5)sr1
Unified Communications Manager
Version 3.3(5)sr2a
Unified Communications Manager
Version 4.1(3)
Unified Communications Manager
Version 4.1(3)sr1
Unified Communications Manager
Version 4.1(3)sr2
Unified Communications Manager
Version 4.1(3)sr3
Unified Communications Manager
Version 4.1(3)sr4
Unified Communications Manager
Version 4.2.1
Unified Communications Manager
Version 4.2.2
Unified Communications Manager
Version 4.2.3
Unified Communications Manager
Version 4.2.3sr1
Unified Communications Manager
Version 4.2.3sr2
Unified Communications Manager
Version 4.2.3sr2b
Unified Communications Manager
Version 4.2
Unified Communications Manager
Version 4.3
Unified Communications Manager
Version 4.3(1)
Unified Communications Manager
Version 5.0
Unified Communications Manager
Version 5.1.2
Unified Communications Manager
Version 5.1
Unified Communications Manager
Version 5.1(1)
Unified Communications Manager
Version 5.1(1b)
Unified Communications Manager
Version 5.1(1c)
Unified Communications Manager
Version 5.1(2)
Unified Communications Manager
Version 5.1(2a)
Unified Communications Manager
Version 5.1(2b)
Unified Communications Manager
Version 5.1(3)
Unified Communications Manager
Version 5.1(3a)
Unified Communications Manager
Version 5.1(3c)
Unified Communications Manager
Version 5.1(3d)
Unified Communications Manager
Version 5.1(3e)
Unified Communications Manager
Version 6.0
Unified Communications Manager
Version 6.0(1)
Unified Communications Manager
Version 6.0(1a)
Unified Communications Manager
Version 6.0(1b)
Unified Communications Manager
Version 6.1(1)
Unified Communications Manager
Version 6.1(1a)
Unified Communications Manager
Version 6.1(1b)
Unified Communications Manager
Version 6.1(2)
Unified Communications Manager
Version 6.1(2)su1
Unified Communications Manager
Version 6.1(2)su1a
Unified Communications Manager
Version 6.1(3)
Unified Communications Manager
Version 6.1(3a)
Unified Communications Manager
Version 6.1(3b)
Unified Communications Manager
Version 6.1(3b)su1
Unified Communications Manager
Version 6.1(4)
Unified Communications Manager
Version 6.1(4)su1
Unified Communications Manager
Version 6.1(4a)
Unified Communications Manager
Version 6.1(4a)su2
Unified Communications Manager
Version 6.1(5)
Unified Communications Manager
Version 6.1(5)su1
Unified Communications Manager
Version 6.1(5)su2
Unified Communications Manager
Version 6.1(5)su3
Unified Communications Manager
Version 7.0(1)su1
Unified Communications Manager
Version 7.0(1)su1a
Unified Communications Manager
Version 7.0(2)
Unified Communications Manager
Version 7.0(2a)
Unified Communications Manager
Version 7.0(2a)su1
Unified Communications Manager
Version 7.0(2a)su2
Unified Communications Manager
Version 7.1(2a)
Unified Communications Manager
Version 7.1(2a)su1
Unified Communications Manager
Version 7.1(2b)
Unified Communications Manager
Version 7.1(2b)su1
Unified Communications Manager
Version 7.1(3)
Unified Communications Manager
Version 7.1(3a)
Unified Communications Manager
Version 7.1(3a)su1
Unified Communications Manager
Version 7.1(3a)su1a
Unified Communications Manager
Version 7.1(3b)
Unified Communications Manager
Version 7.1(3b)su1
Unified Communications Manager
Version 7.1(3b)su2
Unified Communications Manager
Version 7.1(5)
Unified Communications Manager
Version 7.1(5)su1
Unified Communications Manager
Version 7.1(5)su1a
Unified Communications Manager
Version 7.1(5a)
Unified Communications Manager
Version 7.1(5b)
Unified Communications Manager
Version 7.1(5b)su1
Unified Communications Manager
Version 7.1(5b)su1a
Unified Communications Manager
Version 7.1(5b)su2
Unified Communications Manager
Version 7.1(5b)su3
Unified Communications Manager
Version 7.1(5b)su4
Unified Communications Manager
Version 7.1(5b)su5
Unified Communications Manager
Version 7.1(5b)su6
Unified Communications Manager
Version 8.0
Unified Communications Manager
Version 8.0(1)
Unified Communications Manager
Version 8.0(2)
Unified Communications Manager
Version 8.0(2a)
Unified Communications Manager
Version 8.0(2b)
Unified Communications Manager
Version 8.0(2c)
Unified Communications Manager
Version 8.0(2c)su1
Unified Communications Manager
Version 8.0(3)
Unified Communications Manager
Version 8.0(3a)
Unified Communications Manager
Version 8.0(3a)su1
Unified Communications Manager
Version 8.0(3a)su2
Unified Communications Manager
Version 8.0(3a)su3
Unified Communications Manager
Version 8.5
Unified Communications Manager
Version 8.5(1)
Unified Communications Manager
Version 8.5(1)su1
Unified Communications Manager
Version 8.5(1)su2
Unified Communications Manager
Version 8.5(1)su3
Unified Communications Manager
Version 8.5(1)su4
Unified Communications Manager
Version 8.5(1)su5
Unified Communications Manager
Version 8.6
Unified Communications Manager
Version 8.6(1)
Unified Communications Manager
Version 8.6(1a)
Unified Communications Manager
Version 8.6(2)
Unified Communications Manager
Version 8.6(2a)
Unified Communications Manager
Version 8.6(2a)su1
Unified Communications Manager
Version 8.6(2a)su2
Unified Communications Manager
Version 8.6(2a)su3
Unified Communications Manager
Version 8.6(3)
Unified Communications Manager
Version 8.6(4)
Unified Communications Manager
Version 9.0(1)

Related CWEs

CWE-264
CWE-264

References (14)

Source: psirt@cisco.com
Source: psirt@cisco.com
Source: psirt@cisco.com
Vendor Advisory
Source: psirt@cisco.com
Vendor Advisory
Source: psirt@cisco.com
Third Party AdvisoryVDB Entry
Source: psirt@cisco.com
Third Party AdvisoryVDB Entry
Source: psirt@cisco.com
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.