Vulnerability Description
Cisco Video Surveillance Operations Manager (VSOM) does not require authentication for MySQL database connections, which allows remote attackers to obtain sensitive information, modify data, or cause a denial of service by leveraging network connectivity from a client system with a crafted host name, aka Bug ID CSCud10992.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Video Surveillance Operations Manager | - |
Related Weaknesses (CWE)
References
- http://osvdb.org/102409
- http://secunia.com/advisories/56619
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0674Vendor Advisory
- http://www.securityfocus.com/bid/65111
- http://www.securitytracker.com/id/1029692
- http://www.ubuntu.com/usn/USN-2739-1
- https://exchange.xforce.ibmcloud.com/vulnerabilities/90651
- http://osvdb.org/102409
- http://secunia.com/advisories/56619
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0674Vendor Advisory
- http://www.securityfocus.com/bid/65111
- http://www.securitytracker.com/id/1029692
- http://www.ubuntu.com/usn/USN-2739-1
- https://exchange.xforce.ibmcloud.com/vulnerabilities/90651
FAQ
What is CVE-2014-0674?
CVE-2014-0674 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Cisco Video Surveillance Operations Manager (VSOM) does not require authentication for MySQL database connections, which allows remote attackers to obtain sensitive information, modify data, or cause ...
How severe is CVE-2014-0674?
CVE-2014-0674 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-0674?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Video Surveillance Operations Manager.