Описание
Cisco Unified Communications Domain Manager before 10.6(1) provides different error messages for pathname access attempts depending on whether the pathname exists, which allows remote attackers to map a filesystem via a series of requests, aka Bug ID CSCut67891.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:cisco:hosted_collaboration_solution:10.6_base:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:a:cisco:unified_communications_domain_manager:10.6_base:*:*:*:*:*:*:*
EPSS
Процентиль: 51%
0.00283
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
github
больше 3 лет назад
Cisco Unified Communications Domain Manager before 10.6(1) provides different error messages for pathname access attempts depending on whether the pathname exists, which allows remote attackers to map a filesystem via a series of requests, aka Bug ID CSCut67891.
EPSS
Процентиль: 51%
0.00283
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-200