Описание
The web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) 9.0(.1) and earlier does not properly implement access control, which allows remote authenticated users to obtain potentially sensitive user information by visiting an unspecified Administration GUI web page, aka Bug IDs CSCun46045 and CSCun46116.
Ссылки
- Permissions Required
- Vendor Advisory
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Permissions Required
- Vendor Advisory
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия до 9.0\(.1\) (включая)
Одно из
cpe:2.3:a:cisco:unified_communications_domain_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_domain_manager:7.4:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_domain_manager:8.6:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_domain_manager:8.6\(.2\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_domain_manager:9.0:*:*:*:*:*:*:*
EPSS
Процентиль: 60%
0.00391
Низкий
4 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
больше 3 лет назад
The web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) 9.0(.1) and earlier does not properly implement access control, which allows remote authenticated users to obtain potentially sensitive user information by visiting an unspecified Administration GUI web page, aka Bug IDs CSCun46045 and CSCun46116.
EPSS
Процентиль: 60%
0.00391
Низкий
4 Medium
CVSS2
Дефекты
CWE-264