Vulnerability Name:

CVE-2018-15403 (CCN-150777)

Assigned: 2018-10-03
Published: 2018-10-03
Updated: 2019-10-09
Summary: A vulnerability in the web interface of Cisco Emergency Responder, Cisco Unified Communications Manager, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could allow an authenticated, remote attacker to redirect a user to a malicious web page. The vulnerability is due to improper input validation of the parameters of an HTTP request. An attacker could exploit this vulnerability by crafting an HTTP request that causes the web interface to redirect a request to a specific malicious URL. This type of vulnerability is known as an open redirect attack and is used in phishing attacks that get users to unknowingly visit malicious sites.
CVSS v3 Severity: 5.4 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)
4.7 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): Required
Scope: Scope (S): Changed
Impact Metrics: Confidentiality (C): Low
Integrity (I): Low
Availability (A): None
6.8 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:N)
5.9 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:N/E:U/RL:O/RC:C)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): Required
Scope: Scope (S): Changed
Impact Metrics: Confidentiality (C): None
Integrity (I): High
Availability (A): None
CVSS v2 Severity: 4.9 Medium (CVSS v2 Vector: AV:N/AC:M/Au:S/C:P/I:P/A:N)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): Single_Instance
Impact Metrics: Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): None
6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:C/A:N)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): Single_Instance
Impact Metrics: Confidentiality (C): None
Integrity (I): Complete
Availability (A): None
Vulnerability Type: CWE-601
Vulnerability Consequences: Gain Access
References:
Source: MITRE
Type: CNA
CVE-2018-15403

Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1041780

Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1041789

Source: XF
Type: UNKNOWN
cisco-cve201815403-open-redirect(150777)

Source: CCN
Type: Cisco Security Advisory cisco-sa-20181003-er-ucm-redirect
Multiple Cisco Unified Communications Products Open Redirect Vulnerability

Source: CISCO
Type: Vendor Advisory
20181003 Multiple Cisco Unified Communications Products Open Redirect Vulnerability

Vulnerable Configuration:
Configuration 1:
  • cpe:/a:cisco:unified_communications_manager:10.5(2.10000.5):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:11.0(1.10000.10):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:11.5(1.10000.6):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:12.0(1.10000.10):*:*:*:*:*:*:*

Configuration 2:
  • cpe:/a:cisco:unity_connection:9.1(1)es23:*:*:*:*:*:*:*

Configuration 3:
  • cpe:/a:cisco:unified_communications_manager_im_and_presence_service:10.5(1):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager_im_and_presence_service:10.5(2):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager_im_and_presence_service:12.0(1):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager_im_and_presence_service:12.5(1):*:*:*:*:*:*:*

Configuration 4:
  • cpe:/a:cisco:emergency_responder:11.5(4.59000.1):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:emergency_responder:12.0(1.40000.3):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:emergency_responder:12.5(0.98000.110):*:*:*:*:*:*:*

Configuration CCN 1:
  • cpe:/a:cisco:emergency_responder:-:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unity_connection:-:*:*:*:*:*:*:*

* Denotes that component is vulnerable