Vulnerabilities > CVE-2014-3320 - Unspecified vulnerability in Cisco Unified Communications Domain Manager

CVSS 5.8 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

NONE

network

cisco

NVD

Published: 2014-07-18

Updated: 2017-01-12

Summary

Multiple open redirect vulnerabilities in the admin web interface in the web framework in Cisco Unified Communications Domain Manager (CDM) 8.1(.4) and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via crafted URLs for unspecified scripts, aka Bug ID CSCuo48835. <a href="http://cwe.mitre.org/data/definitions/601.html" target="_blank">CWE-601: CWE-601: URL Redirection to Untrusted Site ('Open Redirect')</a>

Vulnerable Configurations

Part	Description	Count
Application	Cisco Cisco Unified Communications Domain Manager 8.1 Cisco Unified Communications Domain Manager 8.1\(.1\) Cisco Unified Communications Domain Manager 8.1\(.2\) Cisco Unified Communications Domain Manager 8.1\(.3\) Cisco Unified Communications Domain Manager - Cisco Unified Communications Domain Manager 4.4.1 Cisco Unified Communications Domain Manager 4.4.2 Cisco Unified Communications Domain Manager 4.4.3 Cisco Unified Communications Domain Manager 4.4.4 Cisco Unified Communications Domain Manager 7.4 Cisco Unified Communications Domain Manager 8.0 Cisco Unified Communications Domain Manager 8.0.1 Cisco Unified Communications Domain Manager 8.0.2 Cisco Unified Communications Domain Manager 8.1\(.4\)	14

Summary

Vulnerable Configurations

References