CVE-2016-6364

Опубликовано: 23 авг. 2016

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

The User Data Services (UDS) API implementation in Cisco Unified Communications Manager 11.5 allows remote attackers to bypass intended access restrictions and obtain sensitive information via unspecified API calls, aka Bug ID CSCux67855.

Ссылки

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-ucm
Vendor Advisory
http://www.securityfocus.com/bid/92517
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1036650
Third Party Advisory
VDB Entry
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-ucm
Vendor Advisory
http://www.securityfocus.com/bid/92517
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1036650
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:cisco:unified_communications_manager:11.5.0:*:*:*:*:*:*:*

EPSS

Процентиль: 72%

0.00734

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-qj4x-mj6w-4c5v