Access Control Vulnerability in Cisco Unified Communications Domain Manager
CVE-2014-3300

Currently unrated

Key Information:

Vendor
Cisco
Status
Unified Communications Domain Manager
Unified Cdm Application Software
Vendor
CVE Published:
7 July 2014

Summary

The BVSMWeb portal within Cisco's Unified Communications Domain Manager fails to properly enforce access control mechanisms. This oversight permits remote attackers to manipulate user information through specially crafted URLs, creating a pathway for unauthorized modifications. Organizations utilizing the affected system should prioritize implementing robust access controls and monitoring practices to mitigate the potential for exploitation.

References

http://www.securitytracker.com/id/1030515
vdb-entryx_refsource_SECTRACK
http://tools.cisco.com/security/center/content/CiscoSecur...
vendor-advisoryx_refsource_CISCO
http://tools.cisco.com/security/center/viewAMBAlert.x?ale...
vendor-advisoryx_refsource_CISCO

EPSS Score

45% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.