Vulnerability Description
The Management subsystem in Cisco Unified Computing System 2.1(3f) and earlier allows remote attackers to obtain sensitive information by reading log files, aka Bug ID CSCur99239.
CVSS Score
5.0
MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Unified Computing System | <= 2.1\(3f\) |
Related Weaknesses (CWE)
References
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-8009Vendor Advisory
- http://tools.cisco.com/security/center/viewAlert.x?alertId=36640Vendor Advisory
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-8009Vendor Advisory
- http://tools.cisco.com/security/center/viewAlert.x?alertId=36640Vendor Advisory
FAQ
What is CVE-2014-8009?
CVE-2014-8009 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The Management subsystem in Cisco Unified Computing System 2.1(3f) and earlier allows remote attackers to obtain sensitive information by reading log files, aka Bug ID CSCur99239.
How severe is CVE-2014-8009?
CVE-2014-8009 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-8009?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Unified Computing System.