Page 8 of 48 results (0.011 seconds)

CVSS: 6.8EPSS: 0%CPEs: 18EXPL: 0

Cross-site request forgery (CSRF) vulnerability in the Call Detail Records Analysis and Reporting (CAR) interface in the OS Administration component in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to hijack the authentication of administrators for requests that make administrative changes, aka Bug ID CSCun00701. Vulnerabilidad de CSRF en la interfaz Call Detail Records Analysis and Reporting (CAR) en el componente OS Administration en Cisco Unified Communications Manager (Unified CM) 10.0(1) y anteriores permite a atacantes remotos secuestrar la autenticación de administradores para solicitudes que realizan cambios administrativos, también conocido como Bug ID CSCun00701. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0740 http://tools.cisco.com/security/center/viewAlert.x?alertId=33049 http://www.securitytracker.com/id/1029843 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 6.2EPSS: 0%CPEs: 18EXPL: 0

The certificate-import feature in the Certificate Authority Proxy Function (CAPF) CLI implementation in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows local users to read or modify arbitrary files via a crafted command, aka Bug ID CSCum95461. La funcionalidad certificate-import en la implementación Certificate Authority Proxy Function (CAPF) CLI en Cisco Unified Communications Manager (Unified CM) 10.0(1) y anteriores permite a usuarios locales leer o modificar archivos arbitrarios a través de un comando manipulado, también conocido como Bug ID CSCum95461. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0741 http://tools.cisco.com/security/center/viewAlert.x?alertId=33046 http://www.securitytracker.com/id/1029843 • CWE-310: Cryptographic Issues •

CVSS: 6.8EPSS: 0%CPEs: 18EXPL: 0

The Certificate Authority Proxy Function (CAPF) CLI implementation in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows local users to inject commands via unspecified CAPF programs, aka Bug ID CSCum95493. La implementación Certificate Authority Proxy Function (CAPF) CLI en Cisco Unified Communications Manager (Unified CM) 10.0(1) y anteriores permite a usuarios locales inyectar comandos a través de programas CAPF no especificados, también conocido como Bug ID CSCum95493. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0747 http://tools.cisco.com/security/center/viewAlert.x?alertId=33048 http://www.securitytracker.com/id/1029843 • CWE-20: Improper Input Validation •

CVSS: 6.2EPSS: 0%CPEs: 18EXPL: 0

The Certificate Authority Proxy Function (CAPF) CLI implementation in the CSR management feature in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows local users to read or modify arbitrary files via unspecified vectors, aka Bug ID CSCum95464. La implementación Certificate Authority Proxy Function (CAPF) CLI en la funcionalidad de gestión CSR en Cisco Unified Communications Manager (Unified CM) 10.0(1) y anteriores permite a usuarios locales leer o modificar archivos arbitrarios a través de vectores no especificados, también conocido como Bug ID CSCum95464. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0742 http://tools.cisco.com/security/center/viewAlert.x?alertId=33045 http://www.securitytracker.com/id/1029843 • CWE-20: Improper Input Validation •

CVSS: 5.0EPSS: 0%CPEs: 18EXPL: 0

The administration interface in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to bypass authentication and read Java class files via a direct request, aka Bug ID CSCum46497. La administración del interfaz en Cisco Unified Communications Manager (Unified CM) 10.0(1) y versiones anteriores permite a atacantes remotos eludir la autenticación y leer archivos Java class a través de una petición directa, vulnerabilidad también conocida como Bug ID CSCum46497. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0731 http://tools.cisco.com/security/center/viewAlert.x?alertId=32915 • CWE-264: Permissions, Privileges, and Access Controls •