CVE-2008-2053 - Unspecified vulnerability in Cisco Unified Customer Voice Portal (CVP) 4.0.x before 4.0(2)_ES14, 4.1

CVE-2008-2053

Summary

Unspecified vulnerability in Cisco Unified Customer Voice Portal (CVP) 4.0.x before 4.0(2)_ES14, 4.1.x before 4.1(1)_ES11, and 7.x before 7.0(1) allows remote authenticated users with administrator role privileges to create, modify, or delete a superuser account.

References

Vulnerable Configurations

cpe:2.3:a:cisco:unified_customer_voice_portal:4.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_customer_voice_portal:4.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_customer_voice_portal:4.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_customer_voice_portal:4.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_customer_voice_portal:7.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_customer_voice_portal:7.0:*:*:*:*:*:*:*

CVSS

Base:	9.0 (as of 08-08-2017 - 01:30)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	SINGLE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:S/C:C/I:C/A:C

refmap via4

bid	29315
cisco	20080521 Cisco Voice Portal Privilege Escalation Vulnerability
sectrack	1020080
secunia	30289
vupen	ADV-2008-1603
xf	cisco-cvp-unspecified-privilege-escalation(42564)

Last major update

08-08-2017 - 01:30

Published

22-05-2008 - 13:09

Last modified

08-08-2017 - 01:30