Let's take this CVE for example: http://www.cvedetails.com/cve/CVE-2014-9283/
obtain administrative access via unspecified vectors.
What unspecified vectors means ?
I saw this term in a a lot of CVE.
Does this mean via unspecified factors ? (In the sense that they don't wanna give too much details about it so people can't exploit it easily?)
PS: This is purely for educational purposes.
Alternatively (and sadly common) it means the vendor/reporter did not provide Mitre with enough information to write a proper description of the vulnerability.
An attack vector is a path or means by which an attacker can gain access to a computer or network server in order to deliver a payload or malicious outcome. When it's not specified, it simply means that probably there is a way, but no-one has found one or the vendor does not want the vector to be disclosed yet.
