SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

Download | Alert*

CVE

CVE-2010-3039

/usr/local/cm/bin/pktCap_protectData in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6, 7, and 8 allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in a request to the administrative interface, aka Bug IDs CSCti52041 and CSCti74930.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 6.8
Exploit Score: 3.1
Impact Score: 10.0

CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: SINGLE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE

Reference:

SECTRACK-1024694

http://www.securityfocus.com/archive/1/514668/100/0/threaded

SECUNIA-42129

BID-44672

ADV-2010-2915

http://tools.cisco.com/security/center/viewAlert.x?alertId=21656

http://www.nsense.fi/advisories/nsense_2010_003.txt


30479



423868



248268



909



195051



282