← Back

CVE-2014-0741

nvd nist
Published: Feb 27, 2014Modified: Apr 29, 2026

JSON object

Loading...
6.2
Vector
AV:L/AC:L/Au:S/C:C/I:C/A:N
Exploitability: 3.1 / Impact: 9.2
Source: NVD

Description

The certificate-import feature in the Certificate Authority Proxy Function (CAPF) CLI implementation in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows local users to read or modify arbitrary files via a crafted command, aka Bug ID CSCum95461.

Affected (18)

Cisco
1 product
Unified Communications Manager
Configuration A
18 vulnerable
Vulnerable SoftwareAffected Versions
Cisco
Unified Communications Manager
Up to 10.0\(1\)
Unified Communications Manager
Version 10.0
Unified Communications Manager
Version 3.3(5)
Unified Communications Manager
Version 3.3(5)sr1
Unified Communications Manager
Version 3.3(5)sr2a
Unified Communications Manager
Version 4.1(3)
Unified Communications Manager
Version 4.1(3)sr1
Unified Communications Manager
Version 4.1(3)sr2
Unified Communications Manager
Version 4.1(3)sr3
Unified Communications Manager
Version 4.1(3)sr4
Unified Communications Manager
Version 4.2.1
Unified Communications Manager
Version 4.2.2
Unified Communications Manager
Version 4.2.3
Unified Communications Manager
Version 4.2.3sr1
Unified Communications Manager
Version 4.2.3sr2
Unified Communications Manager
Version 4.2.3sr2b
Unified Communications Manager
Version 4.2
Unified Communications Manager
Version 4.3

Related CWEs

CWE-310
CWE-310

References (6)

Source: psirt@cisco.com
Vendor Advisory
Source: psirt@cisco.com
Vendor Advisory
Source: psirt@cisco.com
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.