5.8

CVE-2014-3283

Open redirect vulnerability in Self-Care Client Portal applications in the web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) 9.0(.1) and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL, aka Bug ID CSCun79731.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.21% 0.802
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.8 8.6 4.9
AV:N/AC:M/Au:N/C:P/I:P/A:N
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://secunia.com/advisories/58400
Permissions Required
http://www.securitytracker.com/id/1030306
Third Party Advisory
VDB Entry
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3283
Vendor Advisory
http://tools.cisco.com/security/center/viewAlert.x?alertId=34383
Vendor Advisory
http://www.securityfocus.com/bid/67665
Third Party Advisory
VDB Entry