CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
58.6%
The administration interface in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to bypass authentication and read Java class files via a direct request, aka Bug ID CSCum46497.
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | unified_communications_manager | * | cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:* |
cisco | unified_communications_manager | 3.3(5) | cpe:2.3:a:cisco:unified_communications_manager:3.3\(5\):*:*:*:*:*:*:* |
cisco | unified_communications_manager | 3.3(5)sr1 | cpe:2.3:a:cisco:unified_communications_manager:3.3\(5\)sr1:*:*:*:*:*:*:* |
cisco | unified_communications_manager | 3.3(5)sr2a | cpe:2.3:a:cisco:unified_communications_manager:3.3\(5\)sr2a:*:*:*:*:*:*:* |
cisco | unified_communications_manager | 4.1(3) | cpe:2.3:a:cisco:unified_communications_manager:4.1\(3\):*:*:*:*:*:*:* |
cisco | unified_communications_manager | 4.1(3)sr1 | cpe:2.3:a:cisco:unified_communications_manager:4.1\(3\)sr1:*:*:*:*:*:*:* |
cisco | unified_communications_manager | 4.1(3)sr2 | cpe:2.3:a:cisco:unified_communications_manager:4.1\(3\)sr2:*:*:*:*:*:*:* |
cisco | unified_communications_manager | 4.1(3)sr3 | cpe:2.3:a:cisco:unified_communications_manager:4.1\(3\)sr3:*:*:*:*:*:*:* |
cisco | unified_communications_manager | 4.1(3)sr4 | cpe:2.3:a:cisco:unified_communications_manager:4.1\(3\)sr4:*:*:*:*:*:*:* |
cisco | unified_communications_manager | 4.2 | cpe:2.3:a:cisco:unified_communications_manager:4.2:*:*:*:*:*:*:* |