← Back

CVE-2014-0742

nvd nist
Published: Feb 27, 2014Modified: Apr 29, 2026

JSON object

Loading...
6.2
Vector
AV:L/AC:L/Au:S/C:C/I:C/A:N
Exploitability: 3.1 / Impact: 9.2
Source: NVD

Description

The Certificate Authority Proxy Function (CAPF) CLI implementation in the CSR management feature in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows local users to read or modify arbitrary files via unspecified vectors, aka Bug ID CSCum95464.

Affected (18)

Cisco
1 product
Unified Communications Manager
Configuration A
18 vulnerable
Vulnerable SoftwareAffected Versions
Cisco
Unified Communications Manager
Up to 10.0\(1\)
Unified Communications Manager
Version 10.0
Unified Communications Manager
Version 3.3(5)
Unified Communications Manager
Version 3.3(5)sr1
Unified Communications Manager
Version 3.3(5)sr2a
Unified Communications Manager
Version 4.1(3)
Unified Communications Manager
Version 4.1(3)sr1
Unified Communications Manager
Version 4.1(3)sr2
Unified Communications Manager
Version 4.1(3)sr3
Unified Communications Manager
Version 4.1(3)sr4
Unified Communications Manager
Version 4.2.1
Unified Communications Manager
Version 4.2.2
Unified Communications Manager
Version 4.2.3
Unified Communications Manager
Version 4.2.3sr1
Unified Communications Manager
Version 4.2.3sr2
Unified Communications Manager
Version 4.2.3sr2b
Unified Communications Manager
Version 4.2
Unified Communications Manager
Version 4.3

Related CWEs

CWE-20
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (6)

Source: psirt@cisco.com
Vendor Advisory
Source: psirt@cisco.com
Vendor Advisory
Source: psirt@cisco.com
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.