PT-2011-3260 · Cisco · Cisco Unified Presence Server+1

Published

2011-08-29

Updated

2012-06-15

CVE-2011-1643

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Cisco Unified Communications Manager versions 6.x through 8.0 and 8.5 before 8.5(1)su2 Cisco Unified Presence Server versions 6.x through 8.5 before 8.5xnr

Description The issue allows remote attackers to read database data by connecting to a query interface through an SSL session.

Recommendations For Cisco Unified Communications Manager versions 6.x through 8.0 and 8.5 before 8.5(1)su2, update to version 8.5(1)su2 or later. For Cisco Unified Presence Server versions 6.x through 8.5 before 8.5xnr, update to version 8.5xnr or later.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2011-1643

Affected Products

Cisco Unified Communications Manager

Cisco Unified Presence Server

PT-2011-3260 · Cisco · Cisco Unified Presence Server+1

CVE-2011-1643

Weakness Enumeration

Related Identifiers

Affected Products

References · 2