Open Redirect in Cisco Emergency Responder

CVE-2018-15403

A vulnerability in the web interface of Cisco Emergency Responder, Cisco Unified Communications Manager, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could allow an authenticated, remote attacker t…

Vulnerability class: Open Redirect

EPSS: 0.002 (36.4th percentile) — read the EPSS interpretation.

Affected products

Cisco Emergency Responder — versions n/a

Weakness classification (CWE)

CWE-601 — URL Redirection to Untrusted Site (Open Redirect)

References

1041789 (vdb-entry, x_refsource_SECTRACK)
1041780 (vdb-entry, x_refsource_SECTRACK)
20181003 Multiple Cisco Unified Communications Products Open Redirect Vulnerability (x_refsource_CISCO, vendor-advisory)