PT-2016-6848 · Cisco · Cisco Unified Communications Manager

Publicado

2016-08-23

·

Atualizado

2016-12-12

·

CVE-2016-6364

CVSS v3.1

7.5

Alta

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions Cisco Unified Communications Manager version 11.5
Description The issue allows remote attackers to bypass intended access restrictions and obtain sensitive information via unspecified API calls.
Recommendations For Cisco Unified Communications Manager version 11.5, consider restricting access to the UDS API until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.

Correção

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200

Identificadores relacionados

CVE-2016-6364

Produtos afetados

Cisco Unified Communications Manager