CVE-2014-0743

Cisco Unified Communications Manager - Authentication Bypass

Title source: rule

Description

The Certificate Authority Proxy Function (CAPF) component in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to bypass authentication and modify registered-device information via crafted data, aka Bug ID CSCum95468.

References (3)

[Vendor Advisory] http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0743

[Vendor Advisory] http://tools.cisco.com/security/center/viewAlert.x?alertId=33044

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1029843

Scores

EPSS 0.0046

EPSS Percentile 63.9%

Classification

CWE

CWE-287

Status draft

Affected Products (18)

cisco/unified_communications_manager < 10.0\(1\)

cisco/unified_communications_manager

... and 3 more

Timeline

Published Feb 27, 2014

Tracked Since Feb 18, 2026