Vulnerability-Lookup

Search criteria

Vendor

Product

Assigner

Sources

Sort by

Order

CVE-2014-3300 (GCVE-0-2014-3300)

Vulnerability from nvd – Published: 2014-07-07 10:00 – Updated: 2024-08-06 10:35

Summary

The BVSMWeb portal in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software before 10 does not properly implement access control, which allows remote attackers to modify user information via a crafted URL, aka Bug ID CSCum77041.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

cisco

References

URL

Tags

	http://www.securitytracker.com/id/1030515	vdb-entryx_refsource_SECTRACK
	http://tools.cisco.com/security/center/content/Ci…	vendor-advisoryx_refsource_CISCO
	http://tools.cisco.com/security/center/viewAMBAle…	vendor-advisoryx_refsource_CISCO
	http://secunia.com/advisories/59556	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/bid/68331	vdb-entryx_refsource_BID

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T10:35:57.146Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1030515",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1030515"
          },
          {
            "name": "20140702 Multiple Vulnerabilities in Cisco Unified Communications Domain Manager",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140702-cucdm"
          },
          {
            "name": "20140702 Identifying and Mitigating Exploitation of the Multiple Vulnerabilities in Cisco Unified Communications Domain Manager",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/viewAMBAlert.x?alertId=34689"
          },
          {
            "name": "59556",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59556"
          },
          {
            "name": "68331",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/68331"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-07-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The BVSMWeb portal in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software before 10 does not properly implement access control, which allows remote attackers to modify user information via a crafted URL, aka Bug ID CSCum77041."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-01-05T14:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "1030515",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1030515"
        },
        {
          "name": "20140702 Multiple Vulnerabilities in Cisco Unified Communications Domain Manager",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140702-cucdm"
        },
        {
          "name": "20140702 Identifying and Mitigating Exploitation of the Multiple Vulnerabilities in Cisco Unified Communications Domain Manager",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/viewAMBAlert.x?alertId=34689"
        },
        {
          "name": "59556",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59556"
        },
        {
          "name": "68331",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/68331"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2014-3300",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The BVSMWeb portal in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software before 10 does not properly implement access control, which allows remote attackers to modify user information via a crafted URL, aka Bug ID CSCum77041."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1030515",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1030515"
            },
            {
              "name": "20140702 Multiple Vulnerabilities in Cisco Unified Communications Domain Manager",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140702-cucdm"
            },
            {
              "name": "20140702 Identifying and Mitigating Exploitation of the Multiple Vulnerabilities in Cisco Unified Communications Domain Manager",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/viewAMBAlert.x?alertId=34689"
            },
            {
              "name": "59556",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59556"
            },
            {
              "name": "68331",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/68331"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2014-3300",
    "datePublished": "2014-07-07T10:00:00",
    "dateReserved": "2014-05-07T00:00:00",
    "dateUpdated": "2024-08-06T10:35:57.146Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2014-2197 (GCVE-0-2014-2197)

Vulnerability from nvd – Published: 2014-07-07 10:00 – Updated: 2024-08-06 10:06

Summary

The Administration GUI in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software before 8.1.4 does not properly implement access control, which allows remote authenticated users to modify administrative credentials via a crafted URL, aka Bug ID CSCun49862.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

cisco

References

URL

Tags

	http://secunia.com/advisories/59573	third-party-advisoryx_refsource_SECUNIA
	http://www.securitytracker.com/id/1030515	vdb-entryx_refsource_SECTRACK
	http://tools.cisco.com/security/center/content/Ci…	vendor-advisoryx_refsource_CISCO
	http://tools.cisco.com/security/center/viewAMBAle…	vendor-advisoryx_refsource_CISCO
	http://www.securityfocus.com/bid/68333	vdb-entryx_refsource_BID

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T10:06:00.218Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "59573",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59573"
          },
          {
            "name": "1030515",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1030515"
          },
          {
            "name": "20140702 Multiple Vulnerabilities in Cisco Unified Communications Domain Manager",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140702-cucdm"
          },
          {
            "name": "20140702 Identifying and Mitigating Exploitation of the Multiple Vulnerabilities in Cisco Unified Communications Domain Manager",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/viewAMBAlert.x?alertId=34689"
          },
          {
            "name": "68333",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/68333"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-07-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Administration GUI in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software before 8.1.4 does not properly implement access control, which allows remote authenticated users to modify administrative credentials via a crafted URL, aka Bug ID CSCun49862."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-01-05T14:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "59573",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59573"
        },
        {
          "name": "1030515",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1030515"
        },
        {
          "name": "20140702 Multiple Vulnerabilities in Cisco Unified Communications Domain Manager",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140702-cucdm"
        },
        {
          "name": "20140702 Identifying and Mitigating Exploitation of the Multiple Vulnerabilities in Cisco Unified Communications Domain Manager",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/viewAMBAlert.x?alertId=34689"
        },
        {
          "name": "68333",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/68333"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2014-2197",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Administration GUI in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software before 8.1.4 does not properly implement access control, which allows remote authenticated users to modify administrative credentials via a crafted URL, aka Bug ID CSCun49862."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "59573",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59573"
            },
            {
              "name": "1030515",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1030515"
            },
            {
              "name": "20140702 Multiple Vulnerabilities in Cisco Unified Communications Domain Manager",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140702-cucdm"
            },
            {
              "name": "20140702 Identifying and Mitigating Exploitation of the Multiple Vulnerabilities in Cisco Unified Communications Domain Manager",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/viewAMBAlert.x?alertId=34689"
            },
            {
              "name": "68333",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/68333"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2014-2197",
    "datePublished": "2014-07-07T10:00:00",
    "dateReserved": "2014-02-25T00:00:00",
    "dateUpdated": "2024-08-06T10:06:00.218Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2014-3300 (GCVE-0-2014-3300)

Vulnerability from cvelistv5 – Published: 2014-07-07 10:00 – Updated: 2024-08-06 10:35

Summary

The BVSMWeb portal in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software before 10 does not properly implement access control, which allows remote attackers to modify user information via a crafted URL, aka Bug ID CSCum77041.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

cisco

References

URL

Tags

	http://www.securitytracker.com/id/1030515	vdb-entryx_refsource_SECTRACK
	http://tools.cisco.com/security/center/content/Ci…	vendor-advisoryx_refsource_CISCO
	http://tools.cisco.com/security/center/viewAMBAle…	vendor-advisoryx_refsource_CISCO
	http://secunia.com/advisories/59556	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/bid/68331	vdb-entryx_refsource_BID

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T10:35:57.146Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1030515",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1030515"
          },
          {
            "name": "20140702 Multiple Vulnerabilities in Cisco Unified Communications Domain Manager",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140702-cucdm"
          },
          {
            "name": "20140702 Identifying and Mitigating Exploitation of the Multiple Vulnerabilities in Cisco Unified Communications Domain Manager",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/viewAMBAlert.x?alertId=34689"
          },
          {
            "name": "59556",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59556"
          },
          {
            "name": "68331",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/68331"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-07-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The BVSMWeb portal in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software before 10 does not properly implement access control, which allows remote attackers to modify user information via a crafted URL, aka Bug ID CSCum77041."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-01-05T14:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "1030515",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1030515"
        },
        {
          "name": "20140702 Multiple Vulnerabilities in Cisco Unified Communications Domain Manager",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140702-cucdm"
        },
        {
          "name": "20140702 Identifying and Mitigating Exploitation of the Multiple Vulnerabilities in Cisco Unified Communications Domain Manager",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/viewAMBAlert.x?alertId=34689"
        },
        {
          "name": "59556",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59556"
        },
        {
          "name": "68331",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/68331"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2014-3300",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The BVSMWeb portal in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software before 10 does not properly implement access control, which allows remote attackers to modify user information via a crafted URL, aka Bug ID CSCum77041."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1030515",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1030515"
            },
            {
              "name": "20140702 Multiple Vulnerabilities in Cisco Unified Communications Domain Manager",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140702-cucdm"
            },
            {
              "name": "20140702 Identifying and Mitigating Exploitation of the Multiple Vulnerabilities in Cisco Unified Communications Domain Manager",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/viewAMBAlert.x?alertId=34689"
            },
            {
              "name": "59556",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59556"
            },
            {
              "name": "68331",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/68331"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2014-3300",
    "datePublished": "2014-07-07T10:00:00",
    "dateReserved": "2014-05-07T00:00:00",
    "dateUpdated": "2024-08-06T10:35:57.146Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2014-2197 (GCVE-0-2014-2197)

Vulnerability from cvelistv5 – Published: 2014-07-07 10:00 – Updated: 2024-08-06 10:06

Summary

The Administration GUI in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software before 8.1.4 does not properly implement access control, which allows remote authenticated users to modify administrative credentials via a crafted URL, aka Bug ID CSCun49862.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

cisco

References

URL

Tags

	http://secunia.com/advisories/59573	third-party-advisoryx_refsource_SECUNIA
	http://www.securitytracker.com/id/1030515	vdb-entryx_refsource_SECTRACK
	http://tools.cisco.com/security/center/content/Ci…	vendor-advisoryx_refsource_CISCO
	http://tools.cisco.com/security/center/viewAMBAle…	vendor-advisoryx_refsource_CISCO
	http://www.securityfocus.com/bid/68333	vdb-entryx_refsource_BID

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T10:06:00.218Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "59573",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59573"
          },
          {
            "name": "1030515",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1030515"
          },
          {
            "name": "20140702 Multiple Vulnerabilities in Cisco Unified Communications Domain Manager",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140702-cucdm"
          },
          {
            "name": "20140702 Identifying and Mitigating Exploitation of the Multiple Vulnerabilities in Cisco Unified Communications Domain Manager",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/viewAMBAlert.x?alertId=34689"
          },
          {
            "name": "68333",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/68333"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-07-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Administration GUI in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software before 8.1.4 does not properly implement access control, which allows remote authenticated users to modify administrative credentials via a crafted URL, aka Bug ID CSCun49862."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-01-05T14:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "59573",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59573"
        },
        {
          "name": "1030515",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1030515"
        },
        {
          "name": "20140702 Multiple Vulnerabilities in Cisco Unified Communications Domain Manager",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140702-cucdm"
        },
        {
          "name": "20140702 Identifying and Mitigating Exploitation of the Multiple Vulnerabilities in Cisco Unified Communications Domain Manager",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/viewAMBAlert.x?alertId=34689"
        },
        {
          "name": "68333",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/68333"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2014-2197",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Administration GUI in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software before 8.1.4 does not properly implement access control, which allows remote authenticated users to modify administrative credentials via a crafted URL, aka Bug ID CSCun49862."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "59573",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59573"
            },
            {
              "name": "1030515",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1030515"
            },
            {
              "name": "20140702 Multiple Vulnerabilities in Cisco Unified Communications Domain Manager",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140702-cucdm"
            },
            {
              "name": "20140702 Identifying and Mitigating Exploitation of the Multiple Vulnerabilities in Cisco Unified Communications Domain Manager",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/viewAMBAlert.x?alertId=34689"
            },
            {
              "name": "68333",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/68333"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2014-2197",
    "datePublished": "2014-07-07T10:00:00",
    "dateReserved": "2014-02-25T00:00:00",
    "dateUpdated": "2024-08-06T10:06:00.218Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Search criteria

4 vulnerabilities found for unified_cdm_application_software by cisco

CVE-2014-3300 (GCVE-0-2014-3300)

CVE-2014-2197 (GCVE-0-2014-2197)

CVE-2014-3300 (GCVE-0-2014-3300)

CVE-2014-2197 (GCVE-0-2014-2197)