Overview
- Description
- A vulnerability in the web management interface of the Cisco Unified Communications Manager IM and Presence Service could allow an unauthenticated, remote attacker to view information on web pages that should be restricted. More Information: CSCva49629. Known Affected Releases: 11.5(1). Known Fixed Releases: 11.5(1.12000.2) 12.0(0.98000.181).
- Source
- ykramarz@cisco.com
- NVD status
- Analyzed
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-200
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:10.5\\(1\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "07CA186C-F010-4C41-9F27-56639DF8D0EF"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:10.5\\(2\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BF58FA68-5EEC-47A2-AD8C-2342B449741D"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:11.0\\(1\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ABAD4CA1-E77D-48EC-8C84-2B184D003E34"
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:11.5\\(1\\):*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "34D89C42-AAD9-4B04-9F95-F77681E39553"
}
],
"operator": "OR"
}
]
}
]