Access Control Vulnerability in Cisco Unified Communications Domain Manager
CVE-2014-3300

Currently unrated

Key Information:

Vendor

Cisco
Status
Unified Communications Domain Manager
Unified Cdm Application Software
Vendor
CVE Published:
7 July 2014

What is CVE-2014-3300?

The BVSMWeb portal within Cisco's Unified Communications Domain Manager fails to properly enforce access control mechanisms. This oversight permits remote attackers to manipulate user information through specially crafted URLs, creating a pathway for unauthorized modifications. Organizations utilizing the affected system should prioritize implementing robust access controls and monitoring practices to mitigate the potential for exploitation.

References

http://www.securitytracker.com/id/1030515
vdb-entryx_refsource_SECTRACK
http://tools.cisco.com/security/center/content/CiscoSecur...
vendor-advisoryx_refsource_CISCO
http://tools.cisco.com/security/center/viewAMBAlert.x?ale...
vendor-advisoryx_refsource_CISCO

EPSS Score

45% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.