CVE-2014-0747

The Certificate Authority Proxy Function (CAPF) CLI implementation in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows local users to inject commands via unspecified CAPF programs, aka Bug ID CSCum95493.

Published: Feb 27, 2014
Updated: Nov 9, 2025
CVE: CVE-2014-0747
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.8
AV:L/AC:L/Au:S/C:C/I:C/A:C

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
cisco / unified_communications_manager	4.2.3sr2	4.2.3sr2.x
cisco / unified_communications_manager	3.3(5)	3.3(5).x
cisco / unified_communications_manager	4.1(3)sr1	4.1(3)sr1.x
cisco / unified_communications_manager	10.0	10.0.x
cisco / unified_communications_manager	4.2.3sr1	4.2.3sr1.x
cisco / unified_communications_manager	4.1(3)sr2	4.1(3)sr2.x
cisco / unified_communications_manager	4.1(3)	4.1(3).x
cisco / unified_communications_manager	4.2	4.2.x
cisco / unified_communications_manager	4.3	4.3.x
cisco / unified_communications_manager	4.2.3	4.2.3.x
cisco / unified_communications_manager	4.1(3)sr4	4.1(3)sr4.x
cisco / unified_communications_manager	4.2.1	4.2.1.x
cisco / unified_communications_manager	3.3(5)sr2a	3.3(5)sr2a.x
cisco / unified_communications_manager	4.2.2	4.2.2.x
cisco / unified_communications_manager	4.1(3)sr3	4.1(3)sr3.x
cisco / unified_communications_manager	3.3(5)sr1	3.3(5)sr1.x
cisco / unified_communications_manager	4.2.3sr2b	4.2.3sr2b.x
cisco / unified_communications_manager	-	10.0\(1\).x

Vulnerability Database

324,311

CVE-2014-0747

Deep Security Visibility Without the Complexity