The vulnerability in the web interface of the Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition systems allows a perpetrator to disclose protected information or cause service failures.
The vulnerability of the Web interface for Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition SME is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability can allow a malicious actor to disclose...