Command Injection Vulnerability in Cisco Unified Communications Domain Manager
CVE-2014-8010

Currently unrated

Key Information:

Vendor
Cisco
Status
Unified Communications Domain Manager
Vendor
CVE Published:
10 December 2014

Summary

The web framework within Cisco Unified Communications Domain Manager 8 is susceptible to command injection attacks. This vulnerability allows remote authenticated administrators to execute arbitrary operating system commands by submitting specially crafted values. Attackers could leverage this flaw to compromise system integrity and confidentiality, posing significant risks to the network's security posture.

References

http://www.securitytracker.com/id/1031339
vdb-entryx_refsource_SECTRACK
http://tools.cisco.com/security/center/content/CiscoSecur...
vendor-advisoryx_refsource_CISCO

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.