CVE-2014-3345

The web framework in Cisco Transport Gateway for Smart Call Home (aka TG-SCH or Transport Gateway Installation Software) 4.0 does not properly check authorization for administrative web pages, which allows remote attackers to modify the product via a crafted URL, aka Bug ID CSCuq31503.

Severity	MEDIUM
CVSS	5.0
CWE	CWE-264
KEV
Published	11 years ago
Modified	1 week ago

Related Products

Product	Advisory	Evidence
Transport Gateway Installation Software	Cisco-SA-20140828-CVE-2014-3345	Cisco OpenVuln
Cisco Transport Gateway Installation Software	Cisco-SA-20140828-CVE-2014-3345	Cisco OpenVuln