CVE-2014-0657

Description

The administration portal in Cisco Unified Communications Manager (Unified CM) 9.1(1) and earlier does not properly handle role restrictions, which allows remote authenticated users to bypass role-based access control via multiple visits to a forbidden portal URL, aka Bug ID CSCuj83540.

CVSS Version 2.0

nvd
CVE ID: CVE-2014-0657
Base Score: 4.0
Base Severity: MEDIUM
Vector String:AV:N/AC:L/Au:S/C:P/I:N/A:N

Refrence: NVD

Description​

Description