CVE-2014-3300

Sažetak

The BVSMWeb portal in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software before 10 does not properly implement access control, which allows remote attackers to modify user information via a crafted URL, aka Bug ID CSCum77041.

Reference

http://secunia.com/advisories/59556
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140702-cucdm
http://tools.cisco.com/security/center/viewAMBAlert.x?alertId=34689
http://www.securityfocus.com/bid/68331
http://www.securitytracker.com/id/1030515

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

12-01-2017 - 14:07

Objavljeno

07-07-2014 - 11:01