Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2014-0657
Deferred
More InfoOfficial Page
Source-psirt@cisco.com
View Known Exploited Vulnerability (KEV) details
Published At-08 Jan, 2014 | 21:55
Updated At-11 Apr, 2025 | 00:51

The administration portal in Cisco Unified Communications Manager (Unified CM) 9.1(1) and earlier does not properly handle role restrictions, which allows remote authenticated users to bypass role-based access control via multiple visits to a forbidden portal URL, aka Bug ID CSCuj83540.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.04.0MEDIUM
AV:N/AC:L/Au:S/C:P/I:N/A:N
Type: Primary
Version: 2.0
Base score: 4.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:S/C:P/I:N/A:N
CPE Matches
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>Versions up to 9.1\(1\)(inclusive)
cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>3.3\(5\)
cpe:2.3:a:cisco:unified_communications_manager:3.3\(5\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>3.3\(5\)sr1
cpe:2.3:a:cisco:unified_communications_manager:3.3\(5\)sr1:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>3.3\(5\)sr2a
cpe:2.3:a:cisco:unified_communications_manager:3.3\(5\)sr2a:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>4.1\(3\)
cpe:2.3:a:cisco:unified_communications_manager:4.1\(3\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>4.1\(3\)sr1
cpe:2.3:a:cisco:unified_communications_manager:4.1\(3\)sr1:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>4.1\(3\)sr2
cpe:2.3:a:cisco:unified_communications_manager:4.1\(3\)sr2:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>4.1\(3\)sr3
cpe:2.3:a:cisco:unified_communications_manager:4.1\(3\)sr3:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>4.1\(3\)sr4
cpe:2.3:a:cisco:unified_communications_manager:4.1\(3\)sr4:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>4.2
cpe:2.3:a:cisco:unified_communications_manager:4.2:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>4.2.1
cpe:2.3:a:cisco:unified_communications_manager:4.2.1:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>4.2.2
cpe:2.3:a:cisco:unified_communications_manager:4.2.2:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>4.2.3
cpe:2.3:a:cisco:unified_communications_manager:4.2.3:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>4.2.3sr1
cpe:2.3:a:cisco:unified_communications_manager:4.2.3sr1:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>4.2.3sr2
cpe:2.3:a:cisco:unified_communications_manager:4.2.3sr2:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>4.2.3sr2b
cpe:2.3:a:cisco:unified_communications_manager:4.2.3sr2b:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>4.3
cpe:2.3:a:cisco:unified_communications_manager:4.3:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>4.3\(1\)
cpe:2.3:a:cisco:unified_communications_manager:4.3\(1\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>5.0
cpe:2.3:a:cisco:unified_communications_manager:5.0:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>5.1
cpe:2.3:a:cisco:unified_communications_manager:5.1:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>5.1\(1\)
cpe:2.3:a:cisco:unified_communications_manager:5.1\(1\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>5.1\(1b\)
cpe:2.3:a:cisco:unified_communications_manager:5.1\(1b\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>5.1\(1c\)
cpe:2.3:a:cisco:unified_communications_manager:5.1\(1c\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>5.1\(2\)
cpe:2.3:a:cisco:unified_communications_manager:5.1\(2\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>5.1\(2a\)
cpe:2.3:a:cisco:unified_communications_manager:5.1\(2a\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>5.1\(2b\)
cpe:2.3:a:cisco:unified_communications_manager:5.1\(2b\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>5.1\(3\)
cpe:2.3:a:cisco:unified_communications_manager:5.1\(3\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>5.1\(3a\)
cpe:2.3:a:cisco:unified_communications_manager:5.1\(3a\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>5.1\(3c\)
cpe:2.3:a:cisco:unified_communications_manager:5.1\(3c\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>5.1\(3d\)
cpe:2.3:a:cisco:unified_communications_manager:5.1\(3d\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>5.1\(3e\)
cpe:2.3:a:cisco:unified_communications_manager:5.1\(3e\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>5.1.2
cpe:2.3:a:cisco:unified_communications_manager:5.1.2:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>6.0
cpe:2.3:a:cisco:unified_communications_manager:6.0:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>6.0\(1\)
cpe:2.3:a:cisco:unified_communications_manager:6.0\(1\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>6.0\(1a\)
cpe:2.3:a:cisco:unified_communications_manager:6.0\(1a\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>6.0\(1b\)
cpe:2.3:a:cisco:unified_communications_manager:6.0\(1b\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>6.1\(1\)
cpe:2.3:a:cisco:unified_communications_manager:6.1\(1\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>6.1\(1a\)
cpe:2.3:a:cisco:unified_communications_manager:6.1\(1a\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>6.1\(1b\)
cpe:2.3:a:cisco:unified_communications_manager:6.1\(1b\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>6.1\(2\)
cpe:2.3:a:cisco:unified_communications_manager:6.1\(2\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>6.1\(2\)su1
cpe:2.3:a:cisco:unified_communications_manager:6.1\(2\)su1:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>6.1\(2\)su1a
cpe:2.3:a:cisco:unified_communications_manager:6.1\(2\)su1a:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>6.1\(3\)
cpe:2.3:a:cisco:unified_communications_manager:6.1\(3\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>6.1\(3a\)
cpe:2.3:a:cisco:unified_communications_manager:6.1\(3a\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>6.1\(3b\)
cpe:2.3:a:cisco:unified_communications_manager:6.1\(3b\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>6.1\(3b\)su1
cpe:2.3:a:cisco:unified_communications_manager:6.1\(3b\)su1:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>6.1\(4\)
cpe:2.3:a:cisco:unified_communications_manager:6.1\(4\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>6.1\(4\)su1
cpe:2.3:a:cisco:unified_communications_manager:6.1\(4\)su1:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>6.1\(4a\)
cpe:2.3:a:cisco:unified_communications_manager:6.1\(4a\):*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>unified_communications_manager>>6.1\(4a\)su2
cpe:2.3:a:cisco:unified_communications_manager:6.1\(4a\)su2:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-264Primarynvd@nist.gov
CWE ID: CWE-264
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://osvdb.org/101800psirt@cisco.com
N/A
http://secunia.com/advisories/56368psirt@cisco.com
N/A
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0657psirt@cisco.com
Vendor Advisory
http://tools.cisco.com/security/center/viewAlert.x?alertId=32341psirt@cisco.com
Vendor Advisory
http://www.securityfocus.com/bid/64690psirt@cisco.com
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1029571psirt@cisco.com
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/90120psirt@cisco.com
N/A
http://osvdb.org/101800af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/56368af854a3a-2127-422b-91ae-364da2661108
N/A
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0657af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://tools.cisco.com/security/center/viewAlert.x?alertId=32341af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.securityfocus.com/bid/64690af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1029571af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/90120af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://osvdb.org/101800
Source: psirt@cisco.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/56368
Source: psirt@cisco.com
Resource: N/A
Hyperlink: http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0657
Source: psirt@cisco.com
Resource:
Vendor Advisory
Hyperlink: http://tools.cisco.com/security/center/viewAlert.x?alertId=32341
Source: psirt@cisco.com
Resource:
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/64690
Source: psirt@cisco.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.securitytracker.com/id/1029571
Source: psirt@cisco.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/90120
Source: psirt@cisco.com
Resource: N/A
Hyperlink: http://osvdb.org/101800
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/56368
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0657
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://tools.cisco.com/security/center/viewAlert.x?alertId=32341
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/64690
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.securitytracker.com/id/1029571
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/90120
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Change History
0Changes found
Details not found