The Real Time Monitoring Tool (RTMT) implementation in Cisco Unified Communications Manager (Unified CM) allows remote authenticated users to (1) read or (2) delete arbitrary files via a crafted URL, aka Bug IDs CSCuo17302 and CSCuo17199.
References
| Link | Resource |
|---|---|
| http://secunia.com/advisories/58315 | Permissions Required |
| http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3292 | Vendor Advisory |
| http://tools.cisco.com/security/center/viewAlert.x?alertId=34574 | Vendor Advisory |
| http://www.securitytracker.com/id/1030408 | Third Party Advisory VDB Entry |
| http://secunia.com/advisories/58315 | Permissions Required |
| http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3292 | Vendor Advisory |
| http://tools.cisco.com/security/center/viewAlert.x?alertId=34574 | Vendor Advisory |
| http://www.securitytracker.com/id/1030408 | Third Party Advisory VDB Entry |
Configurations
History
21 Nov 2024, 02:07
| Type | Values Removed | Values Added |
|---|---|---|
| References | () http://secunia.com/advisories/58315 - Permissions Required | |
| References | () http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3292 - Vendor Advisory | |
| References | () http://tools.cisco.com/security/center/viewAlert.x?alertId=34574 - Vendor Advisory | |
| References | () http://www.securitytracker.com/id/1030408 - Third Party Advisory, VDB Entry |
Information
Published : 2014-06-10 11:19
Updated : 2024-11-21 02:07
NVD link : CVE-2014-3292
Mitre link : CVE-2014-3292
CVE.ORG link : CVE-2014-3292
JSON object : View
Products Affected
cisco
- unified_communications_manager
CWE
CWE-20
Improper Input Validation