CVE-2014-3332
First published: Mon Aug 11 2014(Updated: )
Cisco Unified Communications Manager (CM) 8.6(.2) and earlier has an incorrect CLI restrictions setting, which allows remote authenticated users to establish undetected concurrent logins via unspecified vectors, aka Bug ID CSCup98029.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Unified Communications Manager | <=8.6\(2\) |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2014-3332?
CVE-2014-3332 is considered a high severity vulnerability due to the potential for remote authenticated users to exploit the CLI restrictions.
How do I fix CVE-2014-3332?
To mitigate CVE-2014-3332, upgrade Cisco Unified Communications Manager to a version later than 8.6(2).
What are the potential impacts of CVE-2014-3332?
CVE-2014-3332 allows remote authenticated users to establish undetected concurrent logins, which can lead to unauthorized access and information disclosure.
Who is affected by CVE-2014-3332?
CVE-2014-3332 affects users of Cisco Unified Communications Manager version 8.6(2) and earlier.
What is the nature of the vulnerability in CVE-2014-3332?
CVE-2014-3332 involves incorrect CLI restrictions, allowing remote authenticated users to create concurrent login sessions without detection.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/references
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/tags
- agent/source
- vendor/cisco
- canonical/cisco unified communications manager
- version/cisco unified communications manager/8.6\(2\)