CVE-2014-0725

Cisco Unified Communications Manager - Authentication Bypass

Title source: rule

Description

Cisco Unified Communications Manager (UCM) does not require authentication for reading WAR files, which allows remote attackers to obtain sensitive information via unspecified access to a "file storage location," aka Bug ID CSCum05337.

References (1)

[Vendor Advisory] http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0725

Scores

EPSS 0.0027

EPSS Percentile 50.7%

Classification

CWE

CWE-287

Status draft

Affected Products (1)

cisco/unified_communications_manager

Timeline

Published Feb 13, 2014

Tracked Since Feb 18, 2026