Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2730

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-2730
Last Modified 07 Mar 2011 10:09:40
Published 26 Jun 2008 01:41:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-2730

Summary

The Real-Time Information Server (RIS) Data Collector service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3) and 6.x before 6.1(1) allows remote attackers to bypass authentication, and obtain cluster configuration information and statistics, via a direct TCP connection to the service port, aka Bug ID CSCsj90843.

Vulnerable Systems

Application

  • Cisco Unified Communications Manager 5.1

  • Cisco Unified Communications Manager 6.1


References

CISCO - 20080625 Cisco Unified Communications Manager Denial of Service and Authentication Bypass Vulnerabilities

XF - cucm-risdatacollector-info-disclosure(43355)

VUPEN - ADV-2008-1933

SECTRACK - 1020361

BID - 29935

SECUNIA - 30848


Last Updated: 27 May 2016 10:47:58