CVE-2008-2062

Sažetak

The Real-Time Information Server (RIS) Data Collector service in Cisco Unified Communications Manager (CUCM) before 4.2(3)SR4, and 4.3 before 4.3(2)SR1, allows remote attackers to bypass authentication, and obtain cluster configuration information and statistics, via a direct TCP connection to the service port, aka Bug ID CSCsq35151.

Reference

http://secunia.com/advisories/30848
http://www.cisco.com/en/US/products/products_security_advisory09186a00809b9011.shtml
http://www.securityfocus.com/bid/29935
http://www.securitytracker.com/id?1020361
http://www.vupen.com/english/advisories/2008/1933/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/43355

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

31-07-2019 - 12:55

Objavljeno

26-06-2008 - 17:41