CVE-2014-3320

Multiple open redirect vulnerabilities in the admin web interface in the web framework in Cisco Unified Communications Domain Manager (CDM) 8.1(.4) and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via crafted URLs for unspecified scripts, aka Bug ID CSCuo48835.

Published: Jul 18, 2014
Updated: Apr 13, 2023
CVE: CVE-2014-3320
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5.8
AV:N/AC:M/Au:N/C:P/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
cisco / unified_communications_domain_manager	8.1	8.1.x
cisco / unified_communications_domain_manager	8.1(.3)	8.1(.3).x
cisco / unified_communications_domain_manager	-	8.1\(.4\).x
cisco / unified_communications_domain_manager	8.1(.1)	8.1(.1).x
cisco / unified_communications_domain_manager	8.1(.2)	8.1(.2).x

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3320
http://tools.cisco.com/security/center/viewAlert.x?alertId=34960
http://www.securityfocus.com/bid/68694
http://www.securitytracker.com/id/1030613

Vulnerability Database

290,020

CVE-2014-3320