Unrated severityNVD Advisory· Published Jun 3, 2014· Updated May 6, 2026

CVE-2014-3280

Description

The web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) 9.0(.1) and earlier does not properly implement access control, which allows remote authenticated users to obtain potentially sensitive user information by visiting an unspecified Administration GUI web page, aka Bug IDs CSCun46045 and CSCun46116.

Affected products

Cisco Systems, Inc./Unified Communications Domain Manager5 versions
cpe:2.3:a:cisco:unified_communications_domain_manager:*:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:cisco:unified_communications_domain_manager:*:*:*:*:*:*:*:*range: <=9.0\(.1\)
- cpe:2.3:a:cisco:unified_communications_domain_manager:7.4:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unified_communications_domain_manager:8.6:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unified_communications_domain_manager:8.6\(.2\):*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unified_communications_domain_manager:9.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3280nvdVendor Advisory
tools.cisco.com/security/center/viewAlert.xnvdVendor Advisory
www.securityfocus.com/bid/67661nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1030306nvdThird Party AdvisoryVDB Entry
secunia.com/advisories/58400nvdPermissions Required

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000