CVE-2016-6464

Опубликовано: 14 дек. 2016

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

A vulnerability in the web management interface of the Cisco Unified Communications Manager IM and Presence Service could allow an unauthenticated, remote attacker to view information on web pages that should be restricted. More Information: CSCva49629. Known Affected Releases: 11.5(1). Known Fixed Releases: 11.5(1.12000.2) 12.0(0.98000.181).

Ссылки

http://www.securityfocus.com/bid/94802
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1037412
Third Party Advisory
VDB Entry
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-ucm
Vendor Advisory
http://www.securityfocus.com/bid/94802
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1037412
Third Party Advisory
VDB Entry
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-ucm
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:10.5\(1\):*:*:*:*:*:*:*

cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:10.5\(2\):*:*:*:*:*:*:*

cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:11.0\(1\):*:*:*:*:*:*:*

cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:11.5\(1\):*:*:*:*:*:*:*

EPSS

Процентиль: 80%

0.01357

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-rc2h-r2hc-7r57