CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-3277

The Administration GUI in the web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) 9.0(.1) and earlier does not properly implement access control, which allows remote authenticated users to obtain sensitive user and group information by leveraging Location Administrator privileges and entering a crafted URL, aka Bug ID CSCum77005.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 57.3%

CVSS Severity

CVSS v2 Score 4.0

References

Products affected by CVE-2014-3277

Cisco » Unified Communications Domain Manager » Version: N/A

cpe:2.3:a:cisco:unified_communications_domain_manager:-
Cisco » Unified Communications Domain Manager » Version: 4.4.1

cpe:2.3:a:cisco:unified_communications_domain_manager:4.4.1
Cisco » Unified Communications Domain Manager » Version: 4.4.2

cpe:2.3:a:cisco:unified_communications_domain_manager:4.4.2
Cisco » Unified Communications Domain Manager » Version: 4.4.3

cpe:2.3:a:cisco:unified_communications_domain_manager:4.4.3
Cisco » Unified Communications Domain Manager » Version: 4.4.4

cpe:2.3:a:cisco:unified_communications_domain_manager:4.4.4
Cisco » Unified Communications Domain Manager » Version: 7.4

cpe:2.3:a:cisco:unified_communications_domain_manager:7.4
Cisco » Unified Communications Domain Manager » Version: 8.0

cpe:2.3:a:cisco:unified_communications_domain_manager:8.0
Cisco » Unified Communications Domain Manager » Version: 8.0.1

cpe:2.3:a:cisco:unified_communications_domain_manager:8.0.1
Cisco » Unified Communications Domain Manager » Version: 8.0.2

cpe:2.3:a:cisco:unified_communications_domain_manager:8.0.2
Cisco » Unified Communications Domain Manager » Version: 8.1

cpe:2.3:a:cisco:unified_communications_domain_manager:8.1
Cisco » Unified Communications Domain Manager » Version: 8.1(.1)

cpe:2.3:a:cisco:unified_communications_domain_manager:8.1(.1)
Cisco » Unified Communications Domain Manager » Version: 8.1(.2)

cpe:2.3:a:cisco:unified_communications_domain_manager:8.1(.2)
Cisco » Unified Communications Domain Manager » Version: 8.1(.3)

cpe:2.3:a:cisco:unified_communications_domain_manager:8.1(.3)
Cisco » Unified Communications Domain Manager » Version: 8.1(.4)

cpe:2.3:a:cisco:unified_communications_domain_manager:8.1(.4)
Cisco » Unified Communications Domain Manager » Version: 8.1(4)er1

cpe:2.3:a:cisco:unified_communications_domain_manager:8.1(4)er1
Cisco » Unified Communications Domain Manager » Version: 8.1(7)er1

cpe:2.3:a:cisco:unified_communications_domain_manager:8.1(7)er1
Cisco » Unified Communications Domain Manager » Version: 8.1.4er1

cpe:2.3:a:cisco:unified_communications_domain_manager:8.1.4er1
Cisco » Unified Communications Domain Manager » Version: 8.6

cpe:2.3:a:cisco:unified_communications_domain_manager:8.6
Cisco » Unified Communications Domain Manager » Version: 8.6(.2)

cpe:2.3:a:cisco:unified_communications_domain_manager:8.6(.2)
Cisco » Unified Communications Domain Manager » Version: 9.0

cpe:2.3:a:cisco:unified_communications_domain_manager:9.0
Cisco » Unified Communications Domain Manager » Version: 9.0(.1)

cpe:2.3:a:cisco:unified_communications_domain_manager:9.0(.1)

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-3277

Products

Pricing

Contact Us