CVE-2014-3300

Currently unrated

Key Information:

Vendor
Cisco
Status
Unified Communications Domain Manager
Unified Cdm Application Software
Vendor
CVE Published:
7 July 2014

Summary

The BVSMWeb portal in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software before 10 does not properly implement access control, which allows remote attackers to modify user information via a crafted URL, aka Bug ID CSCum77041.

References

http://www.securitytracker.com/id/1030515
vdb-entryx_refsource_SECTRACK
http://tools.cisco.com/security/center/content/CiscoSecur...
vendor-advisoryx_refsource_CISCO
http://tools.cisco.com/security/center/viewAMBAlert.x?ale...
vendor-advisoryx_refsource_CISCO

EPSS Score

34% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.