CVE-2014-3300
Last modified
CVE-2014-3300 is a vulnerability of currently unknown severity. The BVSMWeb portal in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software before 10 does not properly implement access control, which allows remote attackers to modify user information via a crafted URL, aka Bug ID CSCum77041.. EPSS estimates a 21.88% chance of exploitation in the next 30 days.
Description
The BVSMWeb portal in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software before 10 does not properly implement access control, which allows remote attackers to modify user information via a crafted URL, aka Bug ID CSCum77041.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Unified Cdm Application Software | <= 8.1.4 |
| Cisco | Unified Cdm Application Software | 8.1 |
| Cisco | Unified Communications Domain Manager | All versions |
References
- http://www.securityfocus.com/bid/68331Third Party Advisory, VDB Entry
- http://www.securitytracker.com/id/1030515Third Party Advisory, VDB Entry
- http://www.securityfocus.com/bid/68331Third Party Advisory, VDB Entry
- http://www.securitytracker.com/id/1030515Third Party Advisory, VDB Entry
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2014-3300?
How severe is CVE-2014-3300?
How do I fix CVE-2014-3300?
Are you affected by CVE-2014-3300?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST