Lucene search

[email protected]NVD:CVE-2014-3283

HistoryMay 29, 2014 - 5:55 p.m.

CVE-2014-3283

2014-05-2917:55:05

CWE-20

[email protected]

web.nvd.nist.gov

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

6.6 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.4%

JSON

Open redirect vulnerability in Self-Care Client Portal applications in the web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) 9.0(.1) and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL, aka Bug ID CSCun79731.

Affected configurations

NVD

Node

ciscounified_communications_domain_managerRange≤9.0\(.1\)

ciscounified_communications_domain_managerMatch7.4

ciscounified_communications_domain_managerMatch8.6

ciscounified_communications_domain_managerMatch8.6\(.2\)

ciscounified_communications_domain_managerMatch9.0

References

secunia.com/advisories/58400

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3283

tools.cisco.com/security/center/viewAlert.x?alertId=34383

www.securityfocus.com/bid/67665

www.securitytracker.com/id/1030306

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

6.6 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.4%

JSON

Related for NVD:CVE-2014-3283

cve1 cvelist1 prion1