CVE-2011-1643
Cisco Unified Communications Manager Database Data Exposure via SSL Query Interface
Title source: llmDescription
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x, 7.x before 7.1(5b)su4, 8.0, and 8.5 before 8.5(1)su2 and Cisco Unified Presence Server 6.x, 7.x, 8.0, and 8.5 before 8.5xnr allow remote attackers to read database data by connecting to a query interface through an SSL session, aka Bug IDs CSCti81574, CSCto63060, CSCto72183, and CSCto73833.
References (1)
Core 1
Core References
Vendor Advisory vendor-advisory
x_refsource_cisco
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8f532.shtml
Scores
EPSS
0.0190
EPSS Percentile
77.2%
Details
CWE
CWE-200
Status
published
Products (50)
cisco/unified_communications_manager
6.0
cisco/unified_communications_manager
6.1\(1\)
cisco/unified_communications_manager
6.1\(1a\)
cisco/unified_communications_manager
6.1\(1b\)
cisco/unified_communications_manager
6.1\(2\)
cisco/unified_communications_manager
6.1\(2\)su1
cisco/unified_communications_manager
6.1\(2\)su1a
cisco/unified_communications_manager
6.1\(3\)
cisco/unified_communications_manager
6.1\(3a\)
cisco/unified_communications_manager
6.1\(3b\)
... and 40 more
Published
Aug 29, 2011
Tracked Since
Feb 18, 2026