CVE-2014-0742

The Certificate Authority Proxy Function (CAPF) CLI implementation in the CSR management feature in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows local users to read or modify arbitrary files via unspecified vectors, aka Bug ID CSCum95464.

Published: Feb 27, 2014
Updated: Apr 13, 2023
CVE: CVE-2014-0742
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.2
AV:L/AC:L/Au:S/C:C/I:C/A:N

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
cisco / unified_communications_manager	4.2.3sr2	4.2.3sr2.x
cisco / unified_communications_manager	3.3(5)	3.3(5).x
cisco / unified_communications_manager	4.1(3)sr1	4.1(3)sr1.x
cisco / unified_communications_manager	10.0	10.0.x
cisco / unified_communications_manager	4.2.3sr1	4.2.3sr1.x
cisco / unified_communications_manager	4.1(3)sr2	4.1(3)sr2.x
cisco / unified_communications_manager	4.1(3)	4.1(3).x
cisco / unified_communications_manager	4.2	4.2.x
cisco / unified_communications_manager	4.3	4.3.x
cisco / unified_communications_manager	4.2.3	4.2.3.x
cisco / unified_communications_manager	4.1(3)sr4	4.1(3)sr4.x
cisco / unified_communications_manager	4.2.1	4.2.1.x
cisco / unified_communications_manager	3.3(5)sr2a	3.3(5)sr2a.x
cisco / unified_communications_manager	4.2.2	4.2.2.x
cisco / unified_communications_manager	4.1(3)sr3	4.1(3)sr3.x
cisco / unified_communications_manager	3.3(5)sr1	3.3(5)sr1.x
cisco / unified_communications_manager	4.2.3sr2b	4.2.3sr2b.x
cisco / unified_communications_manager	-	10.0\(1\).x

Vulnerability Database

289,784

CVE-2014-0742