Lucene search

[email protected]CVE-2014-3281

HistoryJun 08, 2014 - 4:55 p.m.

CVE-2014-3281

2014-06-0816:55:00

CWE-264

[email protected]

web.nvd.nist.gov

cve-2014-3281

cisco

voss

unified communications

domain manager

cdm

access control

remote attackers

sensitive user information

security vulnerability

nvd

bug ids

cscun46071

cscun46101

7.2 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

65.4%

JSON

The web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) does not properly implement access control, which allows remote attackers to obtain potentially sensitive user information by visiting an unspecified BVSMWeb web page, aka Bug IDs CSCun46071 and CSCun46101.

CPENameOperatorVersion
cisco:unified_communications_domain_managercisco unified communications domain managereq-

CPE	Name	Operator	Version
cisco:unified_communications_domain_manager	cisco unified communications domain manager	eq	-

References

secunia.com/advisories/58657

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3281

www.securityfocus.com/bid/67925

7.2 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

65.4%

JSON

Related for CVE-2014-3281

prion1 cvelist1