CVE-2014-0732

Cisco Unified Communications Manager - Authentication Bypass

Title source: rule

Description

The Real Time Monitoring Tool (RTMT) web application in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier does not properly enforce authentication requirements, which allows remote attackers to read application files via a direct request to a URL, aka Bug ID CSCum46495.

References (2)

Scores

EPSS 0.0021
EPSS Percentile 43.8%

Classification

CWE
CWE-287
Status draft

Affected Products (18)

cisco/unified_communications_manager < 10.0\(1\)
cisco/unified_communications_manager
cisco/unified_communications_manager
cisco/unified_communications_manager
cisco/unified_communications_manager
cisco/unified_communications_manager
cisco/unified_communications_manager
cisco/unified_communications_manager
cisco/unified_communications_manager
cisco/unified_communications_manager
cisco/unified_communications_manager
cisco/unified_communications_manager
cisco/unified_communications_manager
cisco/unified_communications_manager
cisco/unified_communications_manager
... and 3 more

Timeline

Published Feb 20, 2014
Tracked Since Feb 18, 2026