CVE-2003-0731

CiscoWorks Common Management Foundation (CMF) 2.1 and earlier allows the guest user to gain administrative privileges via a certain POST request to com.cisco.nm.cmf.servlet.CsAuthServlet, possibly involving the "cmd" parameter with a modifyUser value and a modified "priviledges" parameter.

Published: Oct 20, 2003
Updated: Apr 13, 2023
CVE: CVE-2003-0731
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
cisco / resource_manager_essentials	2.1	2.1.x
cisco / resource_manager	1.0	1.0.x
cisco / resource_manager_essentials	2.2	2.2.x
cisco / resource_manager_essentials	2.0	2.0.x
cisco / resource_manager	1.1	1.1.x
cisco / ciscoworks_cd1	4th	4th.x
cisco / ciscoworks_common_management_foundation	2.1	2.1.x
cisco / ciscoworks_cd1	1st	1st.x
cisco / ciscoworks_cd1	3rd	3rd.x
cisco / ciscoworks_cd1	2nd	2nd.x
cisco / ciscoworks_cd1	5th	5th.x
cisco / ciscoworks_common_management_foundation	2.0	2.0.x

Vulnerability Database

289,599

CVE-2003-0731