SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

Download | Alert*

CVE

CVE-2014-3319

Directory traversal vulnerability in the Real-Time Monitoring Tool (RTMT) in Cisco Unified Communications Manager (CM) 10.0(1) allows remote authenticated users to read arbitrary files via a crafted URL, aka Bug ID CSCup57676.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 6.8
Exploit Score: 8.0
Impact Score: 6.9

CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: SINGLE
Confidentiality: COMPLETE
Integrity: NONE
Availability: NONE

Reference:

SECTRACK-1030554

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3319

SECUNIA-59734

cucm-cve20143319-dir-trav(94436)

http://tools.cisco.com/security/center/viewAlert.x?alertId=34909


30481



423868



255227



909



198741



282