CVE-2008-2730

The Real-Time Information Server (RIS) Data Collector service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3) and 6.x before 6.1(1) allows remote attackers to bypass authentication, and obtain cluster configuration information and statistics, via a direct TCP connection to the service port, aka Bug ID CSCsj90843.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:cisco:unified_communications_manager:5.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:6.1:*:*:*:*:*:*:*

History

21 Nov 2024, 00:47

Type Values Removed Values Added
References () http://secunia.com/advisories/30848 - () http://secunia.com/advisories/30848 -
References () http://www.cisco.com/en/US/products/products_security_advisory09186a00809b9011.shtml - Patch () http://www.cisco.com/en/US/products/products_security_advisory09186a00809b9011.shtml - Patch
References () http://www.securityfocus.com/bid/29935 - () http://www.securityfocus.com/bid/29935 -
References () http://www.securitytracker.com/id?1020361 - () http://www.securitytracker.com/id?1020361 -
References () http://www.vupen.com/english/advisories/2008/1933/references - () http://www.vupen.com/english/advisories/2008/1933/references -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/43355 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/43355 -

Information

Published : 2008-06-26 17:41

Updated : 2024-11-21 00:47


NVD link : CVE-2008-2730

Mitre link : CVE-2008-2730

CVE.ORG link : CVE-2008-2730


JSON object : View

Products Affected

cisco

  • unified_communications_manager
CWE
CWE-287

Improper Authentication