CVE-2014-3283

EUVD-2014-3296
Open redirect vulnerability in Self-Care Client Portal applications in the web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) 9.0(.1) and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL, aka Bug ID CSCun79731.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 67%
Affected Products (NVD)
VendorProductVersion
ciscounified_communications_domain_manager
𝑥
≤ 9.0\(.1\)
ciscounified_communications_domain_manager
7.4
ciscounified_communications_domain_manager
8.6
ciscounified_communications_domain_manager
8.6\(.2\)
ciscounified_communications_domain_manager
9.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/58400
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3283
http://tools.cisco.com/security/center/viewAlert.x?alertId=34383
http://www.securityfocus.com/bid/67665
http://www.securitytracker.com/id/1030306
http://secunia.com/advisories/58400
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3283
http://tools.cisco.com/security/center/viewAlert.x?alertId=34383
http://www.securityfocus.com/bid/67665
http://www.securitytracker.com/id/1030306