Open Redirect Vulnerability in Cisco Unified Communications Domain Manager
CVE-2014-3320

Currently unrated

Key Information:

Vendor: Cisco
Status: Unified Communications Domain Manager
Vendor: CVE Published:; 18 July 2014

What is CVE-2014-3320?

Multiple open redirect vulnerabilities exist in the administrative web interface of Cisco Unified Communications Domain Manager, releasing versions 8.1(.4) and earlier. These flaws enable remote attackers to redirect users to arbitrary external websites, potentially facilitating phishing attacks through the use of specially crafted URLs targeting unspecified scripts. Organizations utilizing this service should evaluate their systems for potential exposure and consider implementing the recommended security measures.

References

http://www.securitytracker.com/id/1030613

vdb-entryx_refsource_SECTRACK

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://tools.cisco.com/security/center/viewAlert.x?alertI...

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 18, 2014
Vulnerability Reserved
May 7, 2014