CVE-2014-3283

Published: May 29, 2014Modified: May 6, 2026

5.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:N

Exploitability: 8.6 / Impact: 4.9

Source: NVD

Description

Open redirect vulnerability in Self-Care Client Portal applications in the web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) 9.0(.1) and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL, aka Bug ID CSCun79731.

Affected (5)

Products: Cisco: Unified Communications Domain Manager

1 product

Unified Communications Domain Manager

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
Cisco Unified Communications Domain Manager	Up to 9.0\(.1\)
Cisco Unified Communications Domain Manager	Version 7.4
Cisco Unified Communications Domain Manager	Version 8.6
Cisco Unified Communications Domain Manager	Version 8.6(.2)
Cisco Unified Communications Domain Manager	Version 9.0

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (10)

http://secunia.com/advisories/58400

Source: psirt@cisco.com

Permissions Required

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3283

Source: psirt@cisco.com

Vendor Advisory

http://tools.cisco.com/security/center/viewAlert.x?alertId=34383

Source: psirt@cisco.com

Vendor Advisory

http://www.securityfocus.com/bid/67665

Source: psirt@cisco.com

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1030306

Source: psirt@cisco.com

Third Party AdvisoryVDB Entry

http://secunia.com/advisories/58400

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions Required

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3283

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://tools.cisco.com/security/center/viewAlert.x?alertId=34383

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/67665

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1030306

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

Timeline

No history available yet.