Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2015-0680

Overview

Vulnerability Score 4.0 4.0
CVE Id CVE-2015-0680
Last Modified 02 Apr 2015 10:00:24
Published 27 Mar 2015 09:59:53
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2015-0680

Summary

Cisco Unified Call Manager (CM) 9.1(2.1000.28) does not properly restrict resource requests, which allows remote authenticated users to read arbitrary files via unspecified vectors, aka Bug ID CSCuq44439.

Vulnerable Systems

Application

  • Cisco Unified Callmanager 9.1%282.1000.28%29


References

CISCO - 20150327 Cisco Unified Call Manager Arbitrary File Retrieval Vulnerability

SECTRACK - 1031991


Last Updated: 27 May 2016 11:08:14