Cisco Unified Communications Manager Concurrent Login Security Bypass Vulnerability

Bugtraq ID:	69068
Class:	Design Error
CVE:	CVE-2014-3332
Remote:	Yes
Local:	No
Published:	Aug 06 2014 12:00AM
Updated:	Aug 11 2014 12:22AM
Credit:	Cisco
Vulnerable:	Cisco Unified Communications Manager 8.6
Not Vulnerable:

Cisco Unified Communications Manager Concurrent Login Security Bypass Vulnerability

Cisco Unified Communications Manager is prone to a remote security-bypass vulnerability.

Successfully exploiting this issue may allow an attacker to bypass certain security restrictions and perform unauthorized actions.

This issue is being tracked by Cisco Bug ID CSCup98029.

Cisco Unified Communications Manager Concurrent Login Security Bypass Vulnerability

Attackers can use standard, readily available tools to exploit this issue.

Cisco Unified Communications Manager Concurrent Login Security Bypass Vulnerability

Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Cisco Unified Communications Manager Concurrent Login Security Bypass Vulnerability

References:

• Cisco TelePresence Homepage (Cisco)
  
• Cisco Homepage (Cisco)