Sign-up

ID

VAR-201402-0208


CVE

CVE-2014-0730


TITLE

Cisco Unified Computing System Central Vulnerability gained privilege in software

Trust: 0.8

sources: JVNDB: JVNDB-2014-001453

DESCRIPTION

Cisco Unified Computing System (UCS) Central Software 1.1 and earlier allows local users to gain privileges via a CLI copy command in a local-mgmt context, aka Bug ID CSCul53128. A local attacker can exploit this issue to execute arbitrary commands with elevated privileges. This issue is being tracked by Cisco Bug ID CSCul53128. The system integrates network, computing and virtualization resources into one platform by extensively adopting virtualization technology

Trust: 1.98

sources: NVD: CVE-2014-0730 // JVNDB: JVNDB-2014-001453 // BID: 65638 // VULHUB: VHN-68223

AFFECTED PRODUCTS

vendor:ciscomodel:unified computing system central softwarescope:lteversion:1.1

Trust: 1.8

vendor:ciscomodel:unified computing system central softwarescope:eqversion:1.0

Trust: 1.6

vendor:ciscomodel:unified computing system central softwarescope:eqversion:1.1

Trust: 0.6

sources: JVNDB: JVNDB-2014-001453 // CNNVD: CNNVD-201402-320 // NVD: CVE-2014-0730

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2014-0730
value: MEDIUM

Trust: 1.0

NVD: CVE-2014-0730
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201402-320
value: MEDIUM

Trust: 0.6

VULHUB: VHN-68223
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2014-0730
severity: MEDIUM
baseScore: 6.8
vectorString: AV:L/AC:L/AU:S/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.1
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-68223
severity: MEDIUM
baseScore: 6.8
vectorString: AV:L/AC:L/AU:S/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.1
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-68223 // JVNDB: JVNDB-2014-001453 // CNNVD: CNNVD-201402-320 // NVD: CVE-2014-0730

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-68223 // JVNDB: JVNDB-2014-001453 // NVD: CVE-2014-0730

THREAT TYPE

local

Trust: 0.9

sources: BID: 65638 // CNNVD: CNNVD-201402-320

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201402-320

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2014-001453

PATCH
title:Cisco Unified Computing System Central Software Privilege Escalation Vulnerabilityurl:http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0730
Trust: 0.8
title:32910url:http://tools.cisco.com/security/center/viewAlert.x?alertId=32910
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2014-001453

EXTERNAL IDS
db:NVDid:CVE-2014-0730
Trust: 2.8
db:JVNDBid:JVNDB-2014-001453
Trust: 0.8
db:CNNVDid:CNNVD-201402-320
Trust: 0.7
db:CISCOid:20140218 CISCO UNIFIED COMPUTING SYSTEM CENTRAL SOFTWARE PRIVILEGE ESCALATION VULNERABILITY
Trust: 0.6
db:BIDid:65638
Trust: 0.4
db:VULHUBid:VHN-68223
Trust: 0.1
sources:
            
            
            VULHUB: VHN-68223 // 
            
            
            
            BID: 65638 // 
            
            
            
            JVNDB: JVNDB-2014-001453 // 
            
            
            
            CNNVD: CNNVD-201402-320 // 
            
            
            
            NVD: CVE-2014-0730

REFERENCES
url:http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2014-0730
Trust: 1.7
url:http://tools.cisco.com/security/center/viewalert.x?alertid=32910
Trust: 1.7
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0730
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0730
Trust: 0.8
url:http://www.cisco.com/
Trust: 0.3
sources:
            
            
            VULHUB: VHN-68223 // 
            
            
            
            BID: 65638 // 
            
            
            
            JVNDB: JVNDB-2014-001453 // 
            
            
            
            CNNVD: CNNVD-201402-320 // 
            
            
            
            NVD: CVE-2014-0730

CREDITS
Cisco
Trust: 0.3
sources:
            
            
            BID: 65638

SOURCES
db:VULHUBid:VHN-68223
db:BIDid:65638
db:JVNDBid:JVNDB-2014-001453
db:CNNVDid:CNNVD-201402-320
db:NVDid:CVE-2014-0730

LAST UPDATE DATE
2025-04-11T22:53:06.974000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-68223date:2014-02-24T00:00:00
db:BIDid:65638date:2014-02-21T00:30:00
db:JVNDBid:JVNDB-2014-001453date:2014-02-25T00:00:00
db:CNNVDid:CNNVD-201402-320date:2014-02-26T00:00:00
db:NVDid:CVE-2014-0730date:2025-04-11T00:51:21.963

SOURCES RELEASE DATE
db:VULHUBid:VHN-68223date:2014-02-22T00:00:00
db:BIDid:65638date:2014-02-18T00:00:00
db:JVNDBid:JVNDB-2014-001453date:2014-02-25T00:00:00
db:CNNVDid:CNNVD-201402-320date:2014-02-26T00:00:00
db:NVDid:CVE-2014-0730date:2014-02-22T21:55:09.640