2 matches found
CVE-2013-7030
The TFTP service in Cisco Unified Communications Manager aka CUCM or Unified CM allows remote attackers to obtain sensitive information from a phone via an RRQ operation, as demonstrated by discovering a cleartext UseUserCredential field in an SPDefault.cnf.xml file. NOTE: the vendor reportedly...
CVE-2013-7030
CVE-2013-7030 affects Cisco Unified Communications Manager: the TFTP service can leak sensitive phone configuration data via an RRQ, specifically exposing a cleartext UseUserCredential in SPDefault.cnf.xml. The issue stems from a default TFTP behavior described as exposing this field, with Cisco ...