CVE-2003-0731
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
20/10/2003
Last modified:
03/04/2025
Description
CiscoWorks Common Management Foundation (CMF) 2.1 and earlier allows the guest user to gain administrative privileges via a certain POST request to com.cisco.nm.cmf.servlet.CsAuthServlet, possibly involving the "cmd" parameter with a modifyUser value and a modified "priviledges" parameter.
Impact
Base Score 2.0
10.00
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:cisco:resource_manager:1.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:resource_manager:1.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:resource_manager_essentials:2.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:resource_manager_essentials:2.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:resource_manager_essentials:2.2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:ciscoworks_common_management_foundation:2.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:ciscoworks_common_management_foundation:2.1:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ciscoworks_cd1:1st:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ciscoworks_cd1:2nd:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ciscoworks_cd1:3rd:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ciscoworks_cd1:4th:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ciscoworks_cd1:5th:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page