Vulnerability Description
The web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) does not properly implement access control, which allows remote attackers to obtain potentially sensitive user information by visiting an unspecified BVSMWeb web page, aka Bug IDs CSCun46071 and CSCun46101.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Unified Communications Domain Manager | - |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/58657
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3281Vendor Advisory
- http://www.securityfocus.com/bid/67925
- http://secunia.com/advisories/58657
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3281Vendor Advisory
- http://www.securityfocus.com/bid/67925
FAQ
What is CVE-2014-3281?
CVE-2014-3281 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) does not properly implement access control, which allows remote attackers to obtain potentially sensitive user informatio...
How severe is CVE-2014-3281?
CVE-2014-3281 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-3281?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Unified Communications Domain Manager.