{"api_version":"1","generated_at":"2026-04-23T03:17:13+00:00","cve":"CVE-2003-0732","urls":{"html":"https://cve.report/CVE-2003-0732","api":"https://cve.report/api/cve/CVE-2003-0732.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2003-0732","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2003-0732"},"summary":{"title":"CVE-2003-0732","description":"CiscoWorks Common Management Foundation (CMF) 2.1 and earlier allows the guest user to obtain restricted information and possibly gain administrative privileges by changing the \"guest\" user to the Admin user on the Modify or delete users pages.","state":"PUBLISHED","assigner":"mitre","published_at":"2003-10-20 04:00:00","updated_at":"2025-04-03 01:03:51"},"problem_types":["NVD-CWE-Other","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"10","severity":"","vector":"AV:N/AC:L/Au:N/C:C/I:C/A:C","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"}}],"references":[{"url":"http://www.securityfocus.com/archive/1/333028","name":"http://www.securityfocus.com/archive/1/333028","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Vendor Advisory"],"title":"SecurityFocus","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.cisco.com/warp/public/707/cisco-sa-20030813-cmf.shtml","name":"http://www.cisco.com/warp/public/707/cisco-sa-20030813-cmf.shtml","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"Cisco - Networking, Cloud, and Cybersecurity Solutions","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2003-0732","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2003-0732","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2003","cve_id":"732","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"cisco","cpe5":"ciscoworks_cd1","cpe6":"1st","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"732","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"cisco","cpe5":"ciscoworks_cd1","cpe6":"2nd","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"732","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"cisco","cpe5":"ciscoworks_cd1","cpe6":"3rd","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"732","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"cisco","cpe5":"ciscoworks_cd1","cpe6":"4th","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"732","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"cisco","cpe5":"ciscoworks_cd1","cpe6":"5th","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"732","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"ciscoworks_common_management_foundation","cpe6":"2.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"732","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"ciscoworks_common_management_foundation","cpe6":"2.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"732","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"resource_manager","cpe6":"1.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"732","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"resource_manager","cpe6":"1.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"732","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"resource_manager_essentials","cpe6":"2.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"732","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"resource_manager_essentials","cpe6":"2.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2003","cve_id":"732","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"cisco","cpe5":"resource_manager_essentials","cpe6":"2.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-08T02:05:12.525Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"20030813 Portcullis Security Advisory: CiscoWorks 2000 Privilege Escalation Vulnerabilities","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/333028"},{"name":"20030813 CiscoWorks Application Vulnerabilities","tags":["vendor-advisory","x_refsource_CISCO","x_transferred"],"url":"http://www.cisco.com/warp/public/707/cisco-sa-20030813-cmf.shtml"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"descriptions":[{"lang":"en","value":"CiscoWorks Common Management Foundation (CMF) 2.1 and earlier allows the guest user to obtain restricted information and possibly gain administrative privileges by changing the \"guest\" user to the Admin user on the Modify or delete users pages."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2003-09-04T04:00:00.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"20030813 Portcullis Security Advisory: CiscoWorks 2000 Privilege Escalation Vulnerabilities","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/333028"},{"name":"20030813 CiscoWorks Application Vulnerabilities","tags":["vendor-advisory","x_refsource_CISCO"],"url":"http://www.cisco.com/warp/public/707/cisco-sa-20030813-cmf.shtml"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2003-0732","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"CiscoWorks Common Management Foundation (CMF) 2.1 and earlier allows the guest user to obtain restricted information and possibly gain administrative privileges by changing the \"guest\" user to the Admin user on the Modify or delete users pages."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"20030813 Portcullis Security Advisory: CiscoWorks 2000 Privilege Escalation Vulnerabilities","refsource":"BUGTRAQ","url":"http://www.securityfocus.com/archive/1/333028"},{"name":"20030813 CiscoWorks Application Vulnerabilities","refsource":"CISCO","url":"http://www.cisco.com/warp/public/707/cisco-sa-20030813-cmf.shtml"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2003-0732","datePublished":"2003-09-04T04:00:00.000Z","dateReserved":"2003-09-03T00:00:00.000Z","dateUpdated":"2024-09-17T01:00:40.965Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2003-10-20 04:00:00","lastModifiedDate":"2025-04-03 01:03:51","problem_types":["NVD-CWE-Other","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10,"impactScore":10,"acInsufInfo":false,"obtainAllPrivilege":true,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:resource_manager:1.0:*:*:*:*:*:*:*","matchCriteriaId":"6CD172F3-4964-410A-A7E9-5659DE662734"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:resource_manager:1.1:*:*:*:*:*:*:*","matchCriteriaId":"8305C239-6496-4CF9-9515-FDE7478877E7"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:resource_manager_essentials:2.0:*:*:*:*:*:*:*","matchCriteriaId":"F2C398A1-1539-4D21-A486-DDE591546949"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:resource_manager_essentials:2.1:*:*:*:*:*:*:*","matchCriteriaId":"D70C0ACD-9782-468D-B283-6AA5DBEBAA8C"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:resource_manager_essentials:2.2:*:*:*:*:*:*:*","matchCriteriaId":"006C6865-45CE-4150-9FD6-C31138DBF1DC"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:ciscoworks_common_management_foundation:2.0:*:*:*:*:*:*:*","matchCriteriaId":"716ABF75-32B2-4E9A-A612-BA06C5C2E17D"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:ciscoworks_common_management_foundation:2.1:*:*:*:*:*:*:*","matchCriteriaId":"3954D0D1-9FDF-47D0-9710-D0FB06955B8B"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:ciscoworks_cd1:1st:*:*:*:*:*:*:*","matchCriteriaId":"419D225D-28FD-4D76-ACBF-45EA35B9973E"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:ciscoworks_cd1:2nd:*:*:*:*:*:*:*","matchCriteriaId":"AF809BC6-93A5-4B1D-BC3C-2A41F32D4A92"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:ciscoworks_cd1:3rd:*:*:*:*:*:*:*","matchCriteriaId":"EED9047B-5AA5-49C1-B8D1-690D505082D7"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:ciscoworks_cd1:4th:*:*:*:*:*:*:*","matchCriteriaId":"45096D29-930F-4FE0-A23F-8C57BF62567A"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:ciscoworks_cd1:5th:*:*:*:*:*:*:*","matchCriteriaId":"AC6393A1-F3A2-4D73-A845-03C9725B91A9"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2003","CveId":"732","Ordinal":"1","Title":"CVE-2003-0732","CVE":"CVE-2003-0732","Year":"2003"},"notes":[{"CveYear":"2003","CveId":"732","Ordinal":"1","NoteData":"CiscoWorks Common Management Foundation (CMF) 2.1 and earlier allows the guest user to obtain restricted information and possibly gain administrative privileges by changing the \"guest\" user to the Admin user on the Modify or delete users pages.","Type":"Description","Title":"CVE-2003-0732"},{"CveYear":"2003","CveId":"732","Ordinal":"2","NoteData":"2003-09-04","Type":"Other","Title":"Published"}]}}}