Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x, 7.x before 7.1(5b)su4, 8.0, and 8.5 before 8.5(1)su2 and Cisco Unified Presence Server 6.x, 7.x, 8.0, and 8.5 before 8.5xnr allow remote attackers to read database data by connecting to a query interface through an SSL session, aka Bug IDs CSCti81574, CSCto63060, CSCto72183, and CSCto73833.
References
Link | Resource |
---|---|
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8f532.shtml | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Information
Published : 2011-08-29 08:55
Updated : 2012-06-14 21:00
NVD link : CVE-2011-1643
Mitre link : CVE-2011-1643
JSON object : View
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
Products Affected
cisco
- unified_presence_server
- unified_communications_manager