Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2062


Vulnerability Score 5.0 5.0
CVE Id CVE-2008-2062
Last Modified 07 Mar 2011 10:08:38
Published 26 Jun 2008 01:41:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



The Real-Time Information Server (RIS) Data Collector service in Cisco Unified Communications Manager (CUCM) before 4.2(3)SR4, and 4.3 before 4.3(2)SR1, allows remote attackers to bypass authentication, and obtain cluster configuration information and statistics, via a direct TCP connection to the service port, aka Bug ID CSCsq35151.

Vulnerable Systems


  • Cisco Unified Communications Manager 4.2

  • Cisco Unified Communications Manager 4.3


CISCO - 20080625 Cisco Unified Communications Manager Denial of Service and Authentication Bypass Vulnerabilities

XF - cucm-risdatacollector-info-disclosure(43355)

VUPEN - ADV-2008-1933

SECTRACK - 1020361

BID - 29935

SECUNIA - 30848

Last Updated: 27 May 2016 10:47:44