Vulnerability Details CVE-2014-3320
Multiple open redirect vulnerabilities in the admin web interface in the web framework in Cisco Unified Communications Domain Manager (CDM) 8.1(.4) and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via crafted URLs for unspecified scripts, aka Bug ID CSCuo48835.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 65.9%
CVSS Severity
CVSS v2 Score 5.8
References
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3320
- http://tools.cisco.com/security/center/viewAlert.x?alertId=34960
- http://www.securityfocus.com/bid/68694
- http://www.securitytracker.com/id/1030613
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3320
- http://tools.cisco.com/security/center/viewAlert.x?alertId=34960
- http://www.securityfocus.com/bid/68694
- http://www.securitytracker.com/id/1030613
Products affected by CVE-2014-3320
-
cpe:2.3:a:cisco:unified_communications_domain_manager:-
-
cpe:2.3:a:cisco:unified_communications_domain_manager:4.4.1
-
cpe:2.3:a:cisco:unified_communications_domain_manager:4.4.2
-
cpe:2.3:a:cisco:unified_communications_domain_manager:4.4.3
-
cpe:2.3:a:cisco:unified_communications_domain_manager:4.4.4
-
cpe:2.3:a:cisco:unified_communications_domain_manager:7.4
-
cpe:2.3:a:cisco:unified_communications_domain_manager:8.0
-
cpe:2.3:a:cisco:unified_communications_domain_manager:8.0.1
-
cpe:2.3:a:cisco:unified_communications_domain_manager:8.0.2
-
cpe:2.3:a:cisco:unified_communications_domain_manager:8.1
-
cpe:2.3:a:cisco:unified_communications_domain_manager:8.1(.1)
-
cpe:2.3:a:cisco:unified_communications_domain_manager:8.1(.2)
-
cpe:2.3:a:cisco:unified_communications_domain_manager:8.1(.3)
-
cpe:2.3:a:cisco:unified_communications_domain_manager:8.1(.4)