Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-8008

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2014-8008
Last Modified 10 Feb 2015 09:59:27
Published 22 Jan 2015 09:01:14
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2014-8008

Summary

Absolute path traversal vulnerability in the Real-Time Monitoring Tool (RTMT) API in Cisco Unified Communications Manager (CUCM) allows remote authenticated users to read arbitrary files via a full pathname in an API command, aka Bug ID CSCur49414.

Vulnerable Systems

Application

  • Cisco Unified Communications Manager


References

CISCO - 20150121 Cisco Unified Communications Manager Real-Time Monitoring Tool File Disclosure Vulnerability

SECTRACK - 1031604

BID - 72263


Last Updated: 27 May 2016 11:07:44