Test Kennung:	1.3.6.1.4.1.25623.1.0.106190
Kategorie:	CISCO
Titel:	Cisco Unified Communications Manager Information Disclosure Vulnerability (cisco-sa-20160817-ucm)
Zusammenfassung:	A vulnerability in the User Data Services (UDS) Application; Programming Interface (API) for Cisco Unified Communications Manager could allow an; unauthenticated, remote attacker to view confidential information that should require; authentication.
Beschreibung:	Summary: A vulnerability in the User Data Services (UDS) Application Programming Interface (API) for Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to view confidential information that should require authentication. Vulnerability Insight: The vulnerability is due to improper authentication controls for certain information returned by the UDS API. An attacker could exploit this vulnerability by accessing the UDS API. Vulnerability Impact: An exploit could allow the attacker to view certain information that is confidential and should require authentication to retrieve via the UDS API. Affected Software/OS: Cisco Unified Communications Manager version 11.5. Solution: See the referenced vendor advisory for a solution. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-6364 BugTraq ID: 92517 http://www.securityfocus.com/bid/92517 Cisco Security Advisory: 20160817 Cisco Unified Communications Manager Information Disclosure Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-ucm http://www.securitytracker.com/id/1036650
Copyright	Copyright (C) 2016 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.