← Back

CVE-2014-0743

nvd nist
Published: Feb 27, 2014Modified: Apr 29, 2026

JSON object

Loading...
5.0
Vector
AV:N/AC:L/Au:N/C:N/I:P/A:N
Exploitability: 10.0 / Impact: 2.9
Source: NVD

Description

The Certificate Authority Proxy Function (CAPF) component in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to bypass authentication and modify registered-device information via crafted data, aka Bug ID CSCum95468.

Affected (18)

Cisco
1 product
Unified Communications Manager
Configuration A
18 vulnerable
Vulnerable SoftwareAffected Versions
Cisco
Unified Communications Manager
Up to 10.0\(1\)
Unified Communications Manager
Version 10.0
Unified Communications Manager
Version 3.3(5)
Unified Communications Manager
Version 3.3(5)sr1
Unified Communications Manager
Version 3.3(5)sr2a
Unified Communications Manager
Version 4.1(3)
Unified Communications Manager
Version 4.1(3)sr1
Unified Communications Manager
Version 4.1(3)sr2
Unified Communications Manager
Version 4.1(3)sr3
Unified Communications Manager
Version 4.1(3)sr4
Unified Communications Manager
Version 4.2.1
Unified Communications Manager
Version 4.2.2
Unified Communications Manager
Version 4.2.3
Unified Communications Manager
Version 4.2.3sr1
Unified Communications Manager
Version 4.2.3sr2
Unified Communications Manager
Version 4.2.3sr2b
Unified Communications Manager
Version 4.2
Unified Communications Manager
Version 4.3

Related CWEs

CWE-287
Improper Authentication
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

References (6)

Source: psirt@cisco.com
Vendor Advisory
Source: psirt@cisco.com
Vendor Advisory
Source: psirt@cisco.com
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.