Vulnerability Database

296,172

Total vulnerabilities in the database

CVE-2014-0731

The administration interface in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to bypass authentication and read Java class files via a direct request, aka Bug ID CSCum46497.

Published: Feb 22, 2014
Updated: Apr 13, 2023
CVE: CVE-2014-0731
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
cisco / unified_communications_manager	4.2.3sr2	4.2.3sr2.x
cisco / unified_communications_manager	3.3(5)	3.3(5).x
cisco / unified_communications_manager	4.1(3)sr1	4.1(3)sr1.x
cisco / unified_communications_manager	10.0	10.0.x
cisco / unified_communications_manager	4.2.3sr1	4.2.3sr1.x
cisco / unified_communications_manager	4.1(3)sr2	4.1(3)sr2.x
cisco / unified_communications_manager	4.1(3)	4.1(3).x
cisco / unified_communications_manager	4.2	4.2.x
cisco / unified_communications_manager	4.3	4.3.x
cisco / unified_communications_manager	4.2.3	4.2.3.x
cisco / unified_communications_manager	4.1(3)sr4	4.1(3)sr4.x
cisco / unified_communications_manager	4.2.1	4.2.1.x
cisco / unified_communications_manager	3.3(5)sr2a	3.3(5)sr2a.x
cisco / unified_communications_manager	4.2.2	4.2.2.x
cisco / unified_communications_manager	4.1(3)sr3	4.1(3)sr3.x
cisco / unified_communications_manager	3.3(5)sr1	3.3(5)sr1.x
cisco / unified_communications_manager	4.2.3sr2b	4.2.3sr2b.x
cisco / unified_communications_manager	-	10.0\(1\).x