CVE-2014-8008

Published: Jan 22, 2015Modified: May 6, 2026

6.8

Vector

AV:N/AC:L/Au:S/C:C/I:N/A:N

Exploitability: 8.0 / Impact: 6.9

Source: NVD

Description

Absolute path traversal vulnerability in the Real-Time Monitoring Tool (RTMT) API in Cisco Unified Communications Manager (CUCM) allows remote authenticated users to read arbitrary files via a full pathname in an API command, aka Bug ID CSCur49414.

Affected (1)

Products: Cisco: Unified Communications Manager

Cisco

1 product

Unified Communications Manager

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Cisco Unified Communications Manager	All versions

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (8)

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-8008

Source: psirt@cisco.com

Vendor Advisory

http://www.securityfocus.com/bid/72263

Source: psirt@cisco.com

http://www.securitytracker.com/id/1031604

Source: psirt@cisco.com

https://tools.cisco.com/security/center/viewAlert.x?alertId=37111

Source: psirt@cisco.com

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-8008

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/72263

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id/1031604

Source: af854a3a-2127-422b-91ae-364da2661108

https://tools.cisco.com/security/center/viewAlert.x?alertId=37111

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.