CVE-2003-0732Cisco Ciscoworks CD1 vulnerability

3 documents3 sources
Severity
10.0CRITICALNVD
EPSS
0.4%
top 40.39%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Cisco Ciscoworks CD1Cisco Ciscoworks Common Management FoundationCisco Resource Manager+1 more
Timeline
PublishedOct 20
Latest updateApr 29

Description

CiscoWorks Common Management Foundation (CMF) 2.1 and earlier allows the guest user to obtain restricted information and possibly gain administrative privileges by changing the "guest" user to the Admin user on the Modify or delete users pages.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages4 packages

NVDcisco/ciscoworks_cd15 versions+4
NVDcisco/resource_manager1.0, 1.1+1

Patches

Patch: www.cisco.comPatch: www.cisco.com

🔴Vulnerability Details

2
GHSA
GHSA-2rg6-3m8g-8x9g: CiscoWorks Common Management Foundation (CMF) 22022-04-29
CVEList
CVE-2003-0732: CiscoWorks Common Management Foundation (CMF) 22003-09-04
CVE-2003-0732 — Cisco Ciscoworks CD1 vulnerability | cvebase