CVE-2014-8009 — Sensitive Information Exposure in Cisco Unified Computing System

CWE-200 — Sensitive Information Exposure4 documents4 sources

Severity

5.0MEDIUMNVD

EPSS

0.2%

top 53.37%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Unified Computing System

Timeline

PublishedDec 10

Latest updateMay 17

Description

The Management subsystem in Cisco Unified Computing System 2.1(3f) and earlier allows remote attackers to obtain sensitive information by reading log files, aka Bug ID CSCur99239.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDcisco/unified_computing_system2.1\(3f\)

🔴Vulnerability Details

GHSA

GHSA-qjhp-7w3m-hgv6: The Management subsystem in Cisco Unified Computing System 2↗2022-05-17

▶

CVEList

CVE-2014-8009: The Management subsystem in Cisco Unified Computing System 2↗2014-12-10

▶

📋Vendor Advisories

Cisco

Cisco Unified Computing System Manager Information Disclosure Vulnerability↗2014-12-08

▶