CVE-2014-3277
Cisco Unified Communications Domain Manager - Authentication Bypass
Title source: ruleDescription
The Administration GUI in the web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) 9.0(.1) and earlier does not properly implement access control, which allows remote authenticated users to obtain sensitive user and group information by leveraging Location Administrator privileges and entering a crafted URL, aka Bug ID CSCum77005.
References (5)
Scores
EPSS
0.0036
EPSS Percentile
57.8%
Classification
CWE
CWE-287
Status
draft
Affected Products (5)
cisco/unified_communications_domain_manager
< 9.0\(.1\)
cisco/unified_communications_domain_manager
cisco/unified_communications_domain_manager
cisco/unified_communications_domain_manager
cisco/unified_communications_domain_manager
Timeline
Published
May 29, 2014
Tracked Since
Feb 18, 2026