The Real-Time Information Server (RIS) Data Collector service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3) and 6.x before 6.1(1) allows remote attackers to bypass authentication, and obtain cluster configuration information and statistics, via a direct TCP connection to the service port, aka Bug ID CSCsj90843.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 00:47
Type | Values Removed | Values Added |
---|---|---|
References | () http://secunia.com/advisories/30848 - | |
References | () http://www.cisco.com/en/US/products/products_security_advisory09186a00809b9011.shtml - Patch | |
References | () http://www.securityfocus.com/bid/29935 - | |
References | () http://www.securitytracker.com/id?1020361 - | |
References | () http://www.vupen.com/english/advisories/2008/1933/references - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/43355 - |
Information
Published : 2008-06-26 17:41
Updated : 2024-11-21 00:47
NVD link : CVE-2008-2730
Mitre link : CVE-2008-2730
CVE.ORG link : CVE-2008-2730
JSON object : View
Products Affected
cisco
- unified_communications_manager
CWE
CWE-287
Improper Authentication