Cisco CallManager CCMAdmin Remote Privilege Escalation Vulnerability

Cisco CallManager CCMAdmin Remote Privilege Escalation Vulnerability

Cisco CallManager is susceptible to a remote privilege escalation vulnerability. This issue is due to a failure of the application to properly enforce access controls. This issue is only exploitable when Multi Level Administration is enabled, and users are granted read-only administrative access via the CCMAdmin Web interface.

This issue allows remote attackers to gain full read-write administrative access to the Web interface of Cisco CallManager.