PT-2011-3260 · Cisco · Cisco Unified Presence Server+1

Publicado

2011-08-29

Atualizado

2012-06-15

CVE-2011-1643

CVSS v2.0

Alta

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Cisco Unified Communications Manager versions 6.x through 8.0 and 8.5 before 8.5(1)su2 Cisco Unified Presence Server versions 6.x through 8.5 before 8.5xnr

Description The issue allows remote attackers to read database data by connecting to a query interface through an SSL session.

Recommendations For Cisco Unified Communications Manager versions 6.x through 8.0 and 8.5 before 8.5(1)su2, update to version 8.5(1)su2 or later. For Cisco Unified Presence Server versions 6.x through 8.5 before 8.5xnr, update to version 8.5xnr or later.

Correção

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200

Identificadores relacionados

CVE-2011-1643

Produtos afetados

Cisco Unified Communications Manager

Cisco Unified Presence Server

PT-2011-3260 · Cisco · Cisco Unified Presence Server+1

CVE-2011-1643

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 2