NVD

Id
30669  
Name
CVE-2014-2197  
Description
The Administration GUI in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software before 8.1.4 does not properly implement access control, which allows remote authenticated users to modify administrative credentials via a crafted URL, aka Bug ID CSCun49862.  
Reject
 
CVSS Version
2  
CVSS Score
9  
Severity
High  
CVSS Base Score
9  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
8  
CVSS Vector
(AV:N/AC:L/Au:S/C:C/I:C/A:C)  
Pub Date
2017-01-19  
Published
2014-07-07  
Modified Date
2017-01-06  
Seq
2014-2197  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
161723 30669 CVE-2014-2197 59573  View
161724 30669 CVE-2014-2197 20140702 Multiple Vulnerabilities in Cisco Unified Communications Domain Manager  View
161725 30669 CVE-2014-2197 20140702 Identifying and Mitigating Exploitation of the Multiple Vulnerabilities in Cisco Unified Communications Domain Manager  View
161726 30669 CVE-2014-2197 68333  View
161727 30669 CVE-2014-2197 1030515  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
14350 JVNDB-2014-003225 Cisco Unified CDM Application Software の Cisco Unified Communications Domain Manager における管理者認証情報を変更される脆弱性 Cisco Unified CDM Application Software の Cisco Unified Communications Domain Manager (CDM) の Web フレームワークの Administration GUI は、アクセスコントロールを適切に実装しないため、管理者認証情報を変更される脆弱性が存在します。 CVE-2014-2197 69484 CVE-2014-2197 30669 9 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-003225.html 2014-07-02 2014-07-08 View