Sense of Security is one of Australia’s most trusted providers of cyber resilience, information security and risk management services.

Latest announcements
© Copyright Sense of Security

Security Advisory – SOS-14-003 – Cisco CUCDM Self Care Portal Multiple Vulnerabilities

Release Date: 30-Oct-2014

Last Update:

Vendor Notification Date: 17-Jan-2014

Product: Cisco Unified Communications Domain Manager


Affected versions:

Severity Rating: Medium

Impact: Hijacking
Cross-site Scripting

Attack Vector: Remote with / without authentication

Solution Status: Vendor patch

CVE reference: CVE-2014-3283


Multiple medium risk security vulnerabilities were detected in the Self Care portal of the Cisco Unified Communications Domain Manager (a.k.a. CUCDM or VOSS Solutions Domain Manager). The security vulnerabilities can be used to obtain unauthorised access to the CUCDM Self Care portal and to compromise the hosted VoIP tenant services.

Please refer to the PDF version of this advisory for proof of concept code examples.


All vendor security fixes must be installed.

Discovered By

Fatih Ozavci from Sense of Security Labs.

Our expert consultants are here to help you. For all your Cyber Security needs please contact us today.

No Comments

Sorry, the comment form is closed at this time.