CVE-2010-3039

medium Cisco
CVSS v3 Base Score
6.8
AV:L/AC:L/Au:S/C:C/I:C/A:C
EPSS Score
2.6%
Exploitation probability in 30 days
Top 14% most likely to be exploited
Attack Characteristics
Attack Vector
Local
Attack Complexity
Low
Confidentiality
C
Integrity
C
Availability
C
Published: November 9, 2010 (5664 days ago)
Last Modified: April 29, 2026
Vendor: Cisco
Source: NVD

Description

/usr/local/cm/bin/pktCap_protectData in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6, 7, and 8 allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in a request to the administrative interface, aka Bug IDs CSCti52041 and CSCti74930.

CWE

CWE-78

Affected Products

cisco unified communications manager

References

🔗 seclists.org 🔗 secunia.com 🔗 tools.cisco.com 🔗 www.nsense.fi 🔗 www.securityfocus.com