CVE-2014-3283

Open redirect vulnerability in Self-Care Client Portal applications in the web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) 9.0(.1) and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL, aka Bug ID CSCun79731.

Published: May 29, 2014
Updated: Apr 13, 2023
CVE: CVE-2014-3283
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5.8
AV:N/AC:M/Au:N/C:P/I:P/A:N

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
cisco / unified_communications_domain_manager	-	9.0\(.1\).x
cisco / unified_communications_domain_manager	8.6(.2)	8.6(.2).x
cisco / unified_communications_domain_manager	9.0	9.0.x
cisco / unified_communications_domain_manager	8.6	8.6.x
cisco / unified_communications_domain_manager	7.4	7.4.x

http://secunia.com/advisories/58400
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3283
http://tools.cisco.com/security/center/viewAlert.x?alertId=34383
http://www.securityfocus.com/bid/67665
http://www.securitytracker.com/id/1030306

Vulnerability Database

290,020

CVE-2014-3283