CVE-2014-3281
First published: Sun Jun 08 2014(Updated: )
The web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) does not properly implement access control, which allows remote attackers to obtain potentially sensitive user information by visiting an unspecified BVSMWeb web page, aka Bug IDs CSCun46071 and CSCun46101.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Unified Communications Domain Manager Platform |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2014-3281?
CVE-2014-3281 is considered a high-severity vulnerability due to improper access control in Cisco Unified Communications Domain Manager.
How do I fix CVE-2014-3281?
To fix CVE-2014-3281, apply the latest security patches provided by Cisco for the Unified Communications Domain Manager.
What types of information can be exposed due to CVE-2014-3281?
CVE-2014-3281 can expose potentially sensitive user information to remote attackers through certain web pages.
Who is affected by CVE-2014-3281?
CVE-2014-3281 affects users of Cisco Unified Communications Domain Manager and its web framework.
When was CVE-2014-3281 discovered?
CVE-2014-3281 was publicly disclosed in 2014 as part of vulnerabilities affecting Cisco Unified Communications Domain Manager.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/author
- agent/weakness
- agent/references
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco unified communications domain manager platform