VAR-201406-0309
Vulnerability from variot - Updated: 2025-04-13 23:21The Real Time Monitoring Tool (RTMT) implementation in Cisco Unified Communications Manager (Unified CM) allows remote authenticated users to (1) read or (2) delete arbitrary files via a crafted URL, aka Bug IDs CSCuo17302 and CSCuo17199. Vendors report this vulnerability Bug ID CSCuo17302 ,and CSCuo17199 Published as.Crafted by a remotely authenticated user URL Any file via (1) Read or (2) It may be deleted. An attacker can exploit these issues to download or delete arbitrary files, which may aid in further attacks. These issues are being tracked by Cisco Bug ID CSCuo17302 and CSCuo17199. Real Time Monitoring Tool (RTMT) is one of the real-time monitoring tools. A security vulnerability exists in Cisco Unified CM's RTMT
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201406-0309",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "unified communications manager",
"scope": "eq",
"trust": 1.1,
"vendor": "cisco",
"version": "10.0(1)"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "unified communications manager",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "67982"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002805"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-172"
},
{
"db": "NVD",
"id": "CVE-2014-3292"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:cisco:unified_communications_manager",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002805"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "67982"
}
],
"trust": 0.3
},
"cve": "CVE-2014-3292",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CVE-2014-3292",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "VHN-71232",
"impactScore": 4.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:P/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-3292",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2014-3292",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201406-172",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-71232",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71232"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002805"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-172"
},
{
"db": "NVD",
"id": "CVE-2014-3292"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Real Time Monitoring Tool (RTMT) implementation in Cisco Unified Communications Manager (Unified CM) allows remote authenticated users to (1) read or (2) delete arbitrary files via a crafted URL, aka Bug IDs CSCuo17302 and CSCuo17199. Vendors report this vulnerability Bug ID CSCuo17302 ,and CSCuo17199 Published as.Crafted by a remotely authenticated user URL Any file via (1) Read or (2) It may be deleted. \nAn attacker can exploit these issues to download or delete arbitrary files, which may aid in further attacks. \nThese issues are being tracked by Cisco Bug ID CSCuo17302 and CSCuo17199. Real Time Monitoring Tool (RTMT) is one of the real-time monitoring tools. A security vulnerability exists in Cisco Unified CM\u0027s RTMT",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-3292"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002805"
},
{
"db": "BID",
"id": "67982"
},
{
"db": "VULHUB",
"id": "VHN-71232"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-3292",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "58315",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1030408",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002805",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201406-172",
"trust": 0.7
},
{
"db": "BID",
"id": "67982",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-71232",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71232"
},
{
"db": "BID",
"id": "67982"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002805"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-172"
},
{
"db": "NVD",
"id": "CVE-2014-3292"
}
]
},
"id": "VAR-201406-0309",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-71232"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-13T23:21:26.234000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Multiple Vulnerabilities in Real-Time Monitoring Tool of Cisco Unified Communications Manager",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3292"
},
{
"title": "34574",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=34574"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002805"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71232"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002805"
},
{
"db": "NVD",
"id": "CVE-2014-3292"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2014-3292"
},
{
"trust": 1.4,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=34574"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1030408"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/58315"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-3292"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-3292"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/en/us/products/sw/voicesw/ps556/index.html"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-71232"
},
{
"db": "BID",
"id": "67982"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002805"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-172"
},
{
"db": "NVD",
"id": "CVE-2014-3292"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-71232"
},
{
"db": "BID",
"id": "67982"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002805"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-172"
},
{
"db": "NVD",
"id": "CVE-2014-3292"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-06-10T00:00:00",
"db": "VULHUB",
"id": "VHN-71232"
},
{
"date": "2014-06-09T00:00:00",
"db": "BID",
"id": "67982"
},
{
"date": "2014-06-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002805"
},
{
"date": "2014-06-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201406-172"
},
{
"date": "2014-06-10T11:19:35.860000",
"db": "NVD",
"id": "CVE-2014-3292"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-09-08T00:00:00",
"db": "VULHUB",
"id": "VHN-71232"
},
{
"date": "2014-06-09T00:00:00",
"db": "BID",
"id": "67982"
},
{
"date": "2014-06-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002805"
},
{
"date": "2014-06-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201406-172"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2014-3292"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201406-172"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Unified Communications Manager of Real Time Monitoring Tool Vulnerable to reading arbitrary files in the Java implementation",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002805"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201406-172"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…