VDB
CVE-2014-3300
CVE-2014-3300
PUBLISHED
CVSS 7.5 HIGH
The BVSMWeb portal in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software before 10 does not properly implement access control, which allows remote attackers to modify user information via a crafted URL, aka Bug ID CSCum77041.
EPSS 45.58% · 97.7th percentile
Risk Scores
CVSS 2.0
7.5
EPSS Score
45.58%
97.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | * |
| Cisco | Unified Communications | |
| cisco | unified_communications_domain_manager | |
| cisco | unified_cdm_application_software | 0, 8.1 |
Exploit Intelligence
- CIRCL seen: CVE-2014-3300 (circl-sighting)
- CIRCL seen: CVE-2014-3300 (circl-sighting)
- CIRCL seen: CVE-2014-3300 (circl-sighting)
- CIRCL seen: CVE-2014-3300 (circl-sighting)
- 1030515 (circl)
- 20140702 Multiple Vulnerabilities in Cisco Unified Communications Domain Manager (circl)
- 59556 (circl)
- 68331 (circl)
- 20140702 Identifying and Mitigating Exploitation of the Multiple Vulnerabilities in Cisco Unified Communications Domain Manager (cve.org)
Timeline
- Jul 2, 2014 CVE Published
- May 29, 2018 PoC Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 16, 2023 EPSS Score
References
- http://secunia.com/advisories/59556 url
- 1030515 vdb
- 20140702 Multiple Vulnerabilities in Cisco Unified Communications Domain Manager vendor-advisory
- 20140702 Identifying and Mitigating Exploitation of the Multiple Vulnerabilities in Cisco Unified Communications Domain Manager vendor-advisory
- 68331 vdb
- https://nvd.nist.gov/vuln/detail/CVE-2014-3300 advisory