PT-2017-17231 · Cisco · Cisco Unified Communications Domain Manager

Published

2017-06-13

Updated

2017-07-08

CVE-2017-6670

CVSS v3.1

6.1

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Cisco Unified Communications Domain Manager version 8.1(7)ER1

Description A vulnerability in the web-based GUI could allow an unauthenticated, remote attacker to redirect a user to a malicious web page, also known as an Open Redirect issue.

Recommendations For version 8.1(7)ER1, update to a version that fixes this issue, as the current version is affected by the Open Redirect vulnerability.

Fix

Open Redirect

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-601

Related Identifiers

CVE-2017-6670

Affected Products

Cisco Unified Communications Domain Manager

PT-2017-17231 · Cisco · Cisco Unified Communications Domain Manager

CVE-2017-6670

Weakness Enumeration

Related Identifiers

Affected Products

References · 5