CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2014-3332
https://notcve.org/view.php?id=CVE-2014-3332
Cisco Unified Communications Manager (CM) 8.6(.2) and earlier has an incorrect CLI restrictions setting, which allows remote authenticated users to establish undetected concurrent logins via unspecified vectors, aka Bug ID CSCup98029. Cisco Unified Communications Manager (CM) 8.6(.2) y anteriores tiene una configuración de restricciones CLI incorrecta, lo que permite a usuarios remotos autenticados establecer inicios de sesión concurrentes sin detección a través de vectores no especificados, también conocido como Bug ID CSCup98029. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3332 http://tools.cisco.com/security/center/viewAlert.x?alertId=35198 http://www.securityfocus.com/bid/69068 http://www.securitytracker.com/id/1030687 https://exchange.xforce.ibmcloud.com/vulnerabilities/95136 •
CVSS: 5.8EPSS: 0%CPEs: 5EXPL: 0CVE-2014-3320
https://notcve.org/view.php?id=CVE-2014-3320
Multiple open redirect vulnerabilities in the admin web interface in the web framework in Cisco Unified Communications Domain Manager (CDM) 8.1(.4) and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via crafted URLs for unspecified scripts, aka Bug ID CSCuo48835. Múltiples vulnerabilidades de redirección abierta en la interfaz de web admin en el Framework web en Cisco Unified Communications Domain Manager (CDM) 8.1(.4) y anteriores permiten a atacantes remotos redirigir usuarios hacia sitios web arbitrarios y realizar ataques de phishing a través de URLs manipuladas para secuencias no especificadas de comandos, también conocido como Bug ID CSCuo48835. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3320 http://tools.cisco.com/security/center/viewAlert.x?alertId=34960 http://www.securityfocus.com/bid/68694 http://www.securitytracker.com/id/1030613 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2014-3317
https://notcve.org/view.php?id=CVE-2014-3317
Directory traversal vulnerability in the Multiple Analyzer in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager 10.0(1) allows remote authenticated users to delete arbitrary files via a crafted URL, aka Bug ID CSCup76314. Vulnerabilidad de salto de directorio en Multiple Analyzer en el componente Dialed Number Analyzer (DNA) en Cisco Unified Communications Manager 10.0(1) permite a usuarios remotos autenticados eliminar ficheros arbitrarios a través de una URL manipulada, también conocido como Bug ID CSCup76314. • http://secunia.com/advisories/59727 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3317 http://tools.cisco.com/security/center/viewAlert.x?alertId=34898 http://www.securityfocus.com/bid/68481 http://www.securitytracker.com/id/1030554 https://exchange.xforce.ibmcloud.com/vulnerabilities/94435 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2014-3319
https://notcve.org/view.php?id=CVE-2014-3319
Directory traversal vulnerability in the Real-Time Monitoring Tool (RTMT) in Cisco Unified Communications Manager (CM) 10.0(1) allows remote authenticated users to read arbitrary files via a crafted URL, aka Bug ID CSCup57676. Vulnerabilidad de salto de directorio en Real-Time Monitoring Tool (RTMT) en Cisco Unified Communications Manager (CM) 10.0(1) permite a usuarios remotos autenticados leer ficheros arbitrarios a través de una URL manipulada, también conocido como Bug ID CSCup57676. • http://secunia.com/advisories/59734 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3319 http://tools.cisco.com/security/center/viewAlert.x?alertId=34909 http://www.securitytracker.com/id/1030554 https://exchange.xforce.ibmcloud.com/vulnerabilities/94436 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 4.0EPSS: 0%CPEs: 2EXPL: 0CVE-2014-3318
https://notcve.org/view.php?id=CVE-2014-3318
Directory traversal vulnerability in dna/viewfilecontents.do in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager allows remote authenticated users to read arbitrary files via a crafted URL, aka Bug ID CSCup76318. Vulnerabilidad de salto de directorio en dna/viewfilecontents.do en el componente Dialed Number Analyzer (DNA) en Cisco Unified Communications Manager permite a usuarios remotos autenticados leer ficheros arbitrarios a través de una URL manipulada, también conocido como Bug ID CSCup76318. • http://secunia.com/advisories/59728 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3318 http://tools.cisco.com/security/center/viewAlert.x?alertId=34897 http://www.securityfocus.com/bid/68482 http://www.securitytracker.com/id/1030554 https://exchange.xforce.ibmcloud.com/vulnerabilities/94433 • CWE-20: Improper Input Validation •