Vulnerability Database

290,020

Total vulnerabilities in the database

CVE-2014-3338

The CTIManager module in Cisco Unified Communications Manager (CM) 10.0(1), when single sign-on is enabled, does not properly validate Kerberos SSO tokens, which allows remote authenticated users to gain privileges and execute arbitrary commands via crafted token data, aka Bug ID CSCum95491.

  • Published: Aug 13, 2014
  • Updated: Apr 13, 2023
  • CVE: CVE-2014-3338
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 8.5
  • AV:N/AC:M/Au:S/C:C/I:C/A:C

CWEs:

Software From Fixed in
cisco / unified_communications_manager 10.0(1) 10.0(1).x