Vulnerability Description
Cisco Unified Communications Manager (aka Unified CM) 9.1 (2.10000.28) and earlier allows local users to gain privileges by leveraging incorrect file permissions, aka Bug IDs CSCul24917 and CSCul24908.
CVSS Score
6.0
MEDIUM
AV:L/AC:H/Au:S/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Unified Communications Manager | <= 9.1\(2.10000.28\) |
Related Weaknesses (CWE)
References
- http://osvdb.org/102750
- http://secunia.com/advisories/56818
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0686Vendor Advisory
- http://tools.cisco.com/security/center/viewAlert.x?alertId=32683Vendor Advisory
- http://www.securityfocus.com/bid/65281
- https://exchange.xforce.ibmcloud.com/vulnerabilities/90852
- http://osvdb.org/102750
- http://secunia.com/advisories/56818
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0686Vendor Advisory
- http://tools.cisco.com/security/center/viewAlert.x?alertId=32683Vendor Advisory
- http://www.securityfocus.com/bid/65281
- https://exchange.xforce.ibmcloud.com/vulnerabilities/90852
FAQ
What is CVE-2014-0686?
CVE-2014-0686 is a vulnerability with a CVSS score of 6.0 (MEDIUM). Cisco Unified Communications Manager (aka Unified CM) 9.1 (2.10000.28) and earlier allows local users to gain privileges by leveraging incorrect file permissions, aka Bug IDs CSCul24917 and CSCul24908...
How severe is CVE-2014-0686?
CVE-2014-0686 has been rated MEDIUM with a CVSS base score of 6.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-0686?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Unified Communications Manager.