The Administration GUI in the web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) 9.0(.1) and earlier does not properly implement access control, which allows remote attackers to enumerate account names via a crafted URL, aka Bug IDs CSCun39631 and CSCun39643.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: cisco
Published: 2014-05-29T17:00:00
Updated: 2014-07-07T17:57:00
Reserved: 2014-05-07T00:00:00
Link: CVE-2014-3279
JSON object: View
NVD Information
Status : Analyzed
Published: 2014-05-29T17:55:05.210
Modified: 2015-12-04T18:43:37.607
Link: CVE-2014-3279
JSON object: View
Redhat Information
No data.
CWE