Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2014-3300
HistoryJul 07, 2014 - 11:01 a.m.

CVE-2014-3300

2014-07-0711:01:30
CWE-264
[email protected]
web.nvd.nist.gov
4

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.3

Confidence

Low

EPSS

0.013

Percentile

86.0%

JSON

The BVSMWeb portal in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software before 10 does not properly implement access control, which allows remote attackers to modify user information via a crafted URL, aka Bug ID CSCum77041.

Affected configurations

Nvd
Node
ciscounified_cdm_application_softwareRange8.1.4
OR
ciscounified_cdm_application_softwareMatch8.1
OR
ciscounified_communications_domain_managerMatch-
VendorProductVersionCPE
ciscounified_cdm_application_software*cpe:2.3:a:cisco:unified_cdm_application_software:*:*:*:*:*:*:*:*
ciscounified_cdm_application_software8.1cpe:2.3:a:cisco:unified_cdm_application_software:8.1:*:*:*:*:*:*:*
ciscounified_communications_domain_manager-cpe:2.3:a:cisco:unified_communications_domain_manager:-:*:*:*:*:*:*:*

Related

metasploit 2
packetstorm 2
cvelist 1
prion 1
cve 1
cisco 1
securityvulns 1
metasploit
metasploit
Viproy CUCDM IP Phone XML Services - Call Forwarding Tool
2015-01-10 06:28:01
Viproy CUCDM IP Phone XML Services - Speed Dial Attack Tool
2015-01-10 06:29:28
packetstorm
packetstorm
Viproy CUCDM IP Phone XML Services Call Forwarding Tool
2024-08-31 00:00:00
Viproy CUCDM IP Phone XML Services Speed Dial Attack Tool
2024-08-31 00:00:00
cvelist
cvelist
CVE-2014-3300
2014-07-07 10:00:00
prion
prion
Improper access control
2014-07-07 11:01:00
cve
cve
CVE-2014-3300
2014-07-07 11:01:30
cisco
cisco
Multiple Vulnerabilities in Cisco Unified Communications Domain Manager
2014-07-02 16:00:00
securityvulns
securityvulns
Cisco Unified Communications Domain Manager multiple security vulnerabilities
2014-08-04 00:00:00

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.3

Confidence

Low

EPSS

0.013

Percentile

86.0%

JSON
Related for NVD:CVE-2014-3300
metasploit2packetstorm2cvelist1prion1cve1cisco1securityvulns1