CVE-2014-2117

Published: Apr 4, 2014Modified: May 6, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Multiple open redirect vulnerabilities in Cisco Emergency Responder (ER) 8.6 and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified parameters, aka Bug ID CSCun37909.

Affected (1)

Products: Cisco: Emergency Responder

Cisco

1 product

Emergency Responder

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Cisco Emergency Responder	Up to 8.6

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (8)

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2117

Source: psirt@cisco.com

Vendor Advisory

http://tools.cisco.com/security/center/viewAlert.x?alertId=33642

Source: psirt@cisco.com

Vendor Advisory

http://www.securityfocus.com/bid/66634

Source: psirt@cisco.com

http://www.securitytracker.com/id/1030019

Source: psirt@cisco.com

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2117

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://tools.cisco.com/security/center/viewAlert.x?alertId=33642

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/66634

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id/1030019

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.