CVE-2014-0686

Cisco Unified Communications Manager (aka Unified CM) 9.1 (2.10000.28) and earlier allows local users to gain privileges by leveraging incorrect file permissions, aka Bug IDs CSCul24917 and CSCul24908.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6 UNKNOWN
LOCAL
HIGH
AV:L/AC:H/Au:S/C:C/I:C/A:C
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 5%
VendorProductVersion
ciscounified_communications_manager
𝑥
≤ 9.1\(2.10000.28\)
ciscounified_communications_manager
9.1\(1\)
ciscounified_communications_manager
9.1\(2\)
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://osvdb.org/102750
http://secunia.com/advisories/56818
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0686
http://tools.cisco.com/security/center/viewAlert.x?alertId=32683
http://www.securityfocus.com/bid/65281
https://exchange.xforce.ibmcloud.com/vulnerabilities/90852
http://osvdb.org/102750
http://secunia.com/advisories/56818
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0686
http://tools.cisco.com/security/center/viewAlert.x?alertId=32683
http://www.securityfocus.com/bid/65281
https://exchange.xforce.ibmcloud.com/vulnerabilities/90852