CVE-2014-3320

Multiple open redirect vulnerabilities in the admin web interface in the web framework in Cisco Unified Communications Domain Manager (CDM) 8.1(.4) and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via crafted URLs for unspecified scripts, aka Bug ID CSCuo48835.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:N
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 66%
VendorProductVersion
ciscounified_communications_domain_manager
𝑥
≤ 8.1\(.4\)
ciscounified_communications_domain_manager
8.1
ciscounified_communications_domain_manager
8.1\(.1\)
ciscounified_communications_domain_manager
8.1\(.2\)
ciscounified_communications_domain_manager
8.1\(.3\)
𝑥
= Vulnerable software versions
References
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3320
http://tools.cisco.com/security/center/viewAlert.x?alertId=34960
http://www.securityfocus.com/bid/68694
http://www.securitytracker.com/id/1030613
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3320
http://tools.cisco.com/security/center/viewAlert.x?alertId=34960
http://www.securityfocus.com/bid/68694
http://www.securitytracker.com/id/1030613