Multiple open redirect vulnerabilities in the admin web interface in the web framework in Cisco Unified Communications Domain Manager (CDM) 8.1(.4) and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via crafted URLs for unspecified scripts, aka Bug ID CSCuo48835.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Unified_communications_domain_manager | Cisco | * | 8.1(.4) (including) |
| Unified_communications_domain_manager | Cisco | 8.1 (including) | 8.1 (including) |
| Unified_communications_domain_manager | Cisco | 8.1(.1) (including) | 8.1(.1) (including) |
| Unified_communications_domain_manager | Cisco | 8.1(.2) (including) | 8.1(.2) (including) |
| Unified_communications_domain_manager | Cisco | 8.1(.3) (including) | 8.1(.3) (including) |
References
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3320
- http://tools.cisco.com/security/center/viewAlert.x?alertId=34960
- http://www.securityfocus.com/bid/68694
- http://www.securitytracker.com/id/1030613
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3320
- http://tools.cisco.com/security/center/viewAlert.x?alertId=34960
- http://www.securityfocus.com/bid/68694
- http://www.securitytracker.com/id/1030613