First published: Mon Oct 20 2003(Updated: )
CiscoWorks Common Management Foundation (CMF) 2.1 and earlier allows the guest user to gain administrative privileges via a certain POST request to com.cisco.nm.cmf.servlet.CsAuthServlet, possibly involving the "cmd" parameter with a modifyUser value and a modified "priviledges" parameter.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco Resource Manager Essentials | =2.1 | |
Cisco Resource Manager | =1.0 | |
Cisco Resource Manager Essentials | =2.2 | |
Cisco Resource Manager Essentials | =2.0 | |
Cisco Resource Manager | =1.1 | |
Cisco Ciscoworks Cd1 | =4th | |
Cisco Ciscoworks Common Management Foundation | =2.1 | |
Cisco Ciscoworks Cd1 | =1st | |
Cisco Ciscoworks Cd1 | =3rd | |
Cisco Ciscoworks Cd1 | =2nd | |
Cisco Ciscoworks Cd1 | =5th | |
Cisco Ciscoworks Common Management Foundation | =2.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.