Cisco Bug: CSCum95461 - CUCM Admin CLI command for CAPF CERT allows arbitary file read/write
Aug 06, 2018
- Cisco Unified Communications Manager (CallManager)
Known Affected Releases
Symptom: Using the Certificate Authority Proxy Function (CAPF) certificate import command line interface (CLI) of Cisco Unified Communications Manager (UCM) a user could read from or write to arbitrary files of the underlying operating system. The issue is due to insufficient input validation. Conditions: Default installation of an affected release of Cisco UCM.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases