CVE-2014-3332 — Cisco Unified Communications Manager vulnerability

5 documents5 sources

Severity

4.0MEDIUMNVD

EPSS

0.3%

top 46.11%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Unified Communications Manager

Timeline

PublishedAug 11

Latest updateMay 17

Description

Cisco Unified Communications Manager (CM) 8.6(.2) and earlier has an incorrect CLI restrictions setting, which allows remote authenticated users to establish undetected concurrent logins via unspecified vectors, aka Bug ID CSCup98029.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 8.0 | Impact: 2.9

Affected Packages1 packages

▶NVDcisco/unified_communications_manager8.6\(2\)

🔴Vulnerability Details

GHSA

GHSA-hr6h-cw97-w8v6: Cisco Unified Communications Manager (CM) 8↗2022-05-17

▶

OSV

linux-lts-utopic vulnerabilities↗2015-05-20

▶

CVEList

CVE-2014-3332: Cisco Unified Communications Manager (CM) 8↗2014-08-11

▶

📋Vendor Advisories

Cisco

Cisco Unified Communications Manager Concurrent Login Vulnerability↗2014-08-07

▶