Cisco Unified Customer Voice Portal Vulnerability Allowing Unauthorized Superuser Account Manipulation
CVE-2008-2053

Currently unrated

Key Information:

Vendor: Cisco
Status: Unified Customer Voice Portal
Vendor: CVE Published:; 22 May 2008

Summary

Cisco Unified Customer Voice Portal versions 4.0.x prior to 4.0(2)_ES14, 4.1.x prior to 4.1(1)_ES11, and 7.x prior to 7.0(1) contain an unspecified vulnerability that enables remote authenticated users with administrative privileges to create, modify, or delete superuser accounts. This can lead to significant security risks, allowing unauthorized escalations in user accountability and control over the system.

References

http://secunia.com/advisories/30289

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/bid/29315

vdb-entryx_refsource_BID

http://www.cisco.com/en/US/products/products_security_adv...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
May 22, 2008
Vulnerability Reserved
May 2, 2008