CVE-2014-0732
Cisco Unified Communications Manager < 10.0(1) - Unauthenticated Information Disclosure via RTMT Direct URL Access
Title source: llmDescription
The Real Time Monitoring Tool (RTMT) web application in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier does not properly enforce authentication requirements, which allows remote attackers to read application files via a direct request to a URL, aka Bug ID CSCum46495.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
http://tools.cisco.com/security/center/viewAlert.x?alertId=32913
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0732
Scores
EPSS
0.0181
EPSS Percentile
75.8%
Details
CWE
CWE-287
Status
published
Products (18)
cisco/unified_communications_manager
3.3\(5\)
cisco/unified_communications_manager
3.3\(5\)sr1
cisco/unified_communications_manager
3.3\(5\)sr2a
cisco/unified_communications_manager
4.1\(3\)
cisco/unified_communications_manager
4.1\(3\)sr1
cisco/unified_communications_manager
4.1\(3\)sr2
cisco/unified_communications_manager
4.1\(3\)sr3
cisco/unified_communications_manager
4.1\(3\)sr4
cisco/unified_communications_manager
4.2
cisco/unified_communications_manager
4.2.1
... and 8 more
Published
Feb 20, 2014
Tracked Since
Feb 18, 2026