CiscoWorks Common Management Foundation (CMF) 2.1 and earlier allows the guest user to gain administrative privileges via a certain POST request to com.cisco.nm.cmf.servlet.CsAuthServlet, possibly involving the "cmd" parameter with a modifyUser value and a modified "priviledges" parameter.
References
Link | Resource |
---|---|
http://www.cisco.com/warp/public/707/cisco-sa-20030813-cmf.shtml | Patch Vendor Advisory |
http://www.securityfocus.com/archive/1/333028 | Exploit Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-10-03T16:15:43
Updated: 2022-10-03T16:15:43
Reserved: 2022-10-03T00:00:00
Link: CVE-2003-0731
JSON object: View
NVD Information
Status : Analyzed
Published: 2003-10-20T04:00:00.000
Modified: 2008-09-10T19:20:19.413
Link: CVE-2003-0731
JSON object: View
Redhat Information
No data.
CWE