Privilege Escalation Vulnerability in Cisco Context Directory Agent
CVE-2014-0651

Currently unrated

Key Information:

Vendor: Cisco
Status: Context Directory Agent
Vendor: CVE Published:; 8 January 2014

What is CVE-2014-0651?

The administrative interface in Cisco Context Directory Agent (CDA) fails to enforce proper authorization mechanisms. This security gap can allow a remote authenticated user to hijack an existing administrator session, thereby granting them unauthorized administrative access. This vulnerability could potentially lead to significant security breaches if exploited, making timely remediation essential.

References

http://osvdb.org/101809

vdb-entryx_refsource_OSVDB

http://tools.cisco.com/security/center/viewAlert.x?alertI...

x_refsource_CONFIRM

http://secunia.com/advisories/56365

third-party-advisoryx_refsource_SECUNIA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 8, 2014
Vulnerability Reserved
Jan 2, 2014