Cisco: >> Resource Manager Essentials >> 2.0 Security Vulnerabilities
CiscoWorks Common Management Foundation (CMF) 2.1 and earlier allows the guest user to gain administrative privileges via a certain POST request to com.cisco.nm.cmf.servlet.CsAuthServlet, possibly involving the "cmd" parameter with a modifyUser value and a modified "priviledges" parameter.
CVSS Score
10.0
EPSS Score
0.004
Published
2003-10-20
CiscoWorks Common Management Foundation (CMF) 2.1 and earlier allows the guest user to obtain restricted information and possibly gain administrative privileges by changing the "guest" user to the Admin user on the Modify or delete users pages.
CVSS Score
10.0
EPSS Score
0.004
Published
2003-10-20