Unrated severityNVD Advisory· Published Jul 7, 2014· Updated May 6, 2026

CVE-2014-3300

Description

The BVSMWeb portal in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software before 10 does not properly implement access control, which allows remote attackers to modify user information via a crafted URL, aka Bug ID CSCum77041.

Affected products

Cisco Systems, Inc./Unified Cdm Application Software2 versions
cpe:2.3:a:cisco:unified_cdm_application_software:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:cisco:unified_cdm_application_software:*:*:*:*:*:*:*:*range: <=8.1.4
- cpe:2.3:a:cisco:unified_cdm_application_software:8.1:*:*:*:*:*:*:*
Cisco Systems, Inc./Unified Communications Domain Manager
cpe:2.3:a:cisco:unified_communications_domain_manager:-:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140702-cucdmnvdVendor Advisory
tools.cisco.com/security/center/viewAMBAlert.xnvdVendor Advisory
www.securityfocus.com/bid/68331nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1030515nvdThird Party AdvisoryVDB Entry
secunia.com/advisories/59556nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.036
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000