Unrated severityNVD Advisory· Published Oct 20, 2003· Updated Apr 16, 2026
CVE-2003-0731
CVE-2003-0731
Description
CiscoWorks Common Management Foundation (CMF) 2.1 and earlier allows the guest user to gain administrative privileges via a certain POST request to com.cisco.nm.cmf.servlet.CsAuthServlet, possibly involving the "cmd" parameter with a modifyUser value and a modified "priviledges" parameter.
Affected products
12cpe:2.3:a:cisco:resource_manager:1.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:cisco:resource_manager:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:resource_manager:1.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:resource_manager_essentials:2.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:cisco:resource_manager_essentials:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:resource_manager_essentials:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:resource_manager_essentials:2.2:*:*:*:*:*:*:*
cpe:2.3:a:cisco:ciscoworks_common_management_foundation:2.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:cisco:ciscoworks_common_management_foundation:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:ciscoworks_common_management_foundation:2.1:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ciscoworks_cd1:1st:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:o:cisco:ciscoworks_cd1:1st:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ciscoworks_cd1:2nd:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ciscoworks_cd1:3rd:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ciscoworks_cd1:4th:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ciscoworks_cd1:5th:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www.cisco.com/warp/public/707/cisco-sa-20030813-cmf.shtmlnvdPatchVendor Advisory
- www.securityfocus.com/archive/1/333028nvdExploitVendor Advisory
News mentions
0No linked articles in our index yet.