CVE-2003-0731

CiscoWorks Common Management Foundation (CMF) 2.1 and earlier allows the guest user to gain administrative privileges via a certain POST request to com.cisco.nm.cmf.servlet.CsAuthServlet, possibly involving the "cmd" parameter with a modifyUser value and a modified "priviledges" parameter.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:cisco:resource_manager:1.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:resource_manager:1.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:resource_manager_essentials:2.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:resource_manager_essentials:2.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:resource_manager_essentials:2.2:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:cisco:ciscoworks_common_management_foundation:2.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:ciscoworks_common_management_foundation:2.1:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ciscoworks_cd1:1st:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ciscoworks_cd1:2nd:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ciscoworks_cd1:3rd:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ciscoworks_cd1:4th:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ciscoworks_cd1:5th:*:*:*:*:*:*:*

History

No history.

Information

Published : 2003-10-20 04:00

Updated : 2024-02-28 10:24


NVD link : CVE-2003-0731

Mitre link : CVE-2003-0731

CVE.ORG link : CVE-2003-0731


JSON object : View

Products Affected

cisco

  • ciscoworks_common_management_foundation
  • resource_manager_essentials
  • resource_manager
  • ciscoworks_cd1