CVE-2014-0674
Cisco Video Surveillance Operations Manager - Unauthenticated MySQL Database Access
Title source: llmDescription
Cisco Video Surveillance Operations Manager (VSOM) does not require authentication for MySQL database connections, which allows remote attackers to obtain sensitive information, modify data, or cause a denial of service by leveraging network connectivity from a client system with a crafted host name, aka Bug ID CSCud10992.
References (7)
Core 7
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/90651
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0674
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/102409
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/65111
Vendor Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2739-1
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1029692
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/56619
Scores
EPSS
0.0160
EPSS Percentile
72.7%
Details
CWE
CWE-287
Status
published
Products (1)
cisco/video_surveillance_operations_manager
Published
Jan 24, 2014
Tracked Since
Feb 18, 2026