CVE-2016-6464
HIGHCisco Unified Communications Manager IM and Presence Service - Info...
Title source: llmDescription
A vulnerability in the web management interface of the Cisco Unified Communications Manager IM and Presence Service could allow an unauthenticated, remote attacker to view information on web pages that should be restricted. More Information: CSCva49629. Known Affected Releases: 11.5(1). Known Fixed Releases: 11.5(1.12000.2) 12.0(0.98000.181).
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1037412
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/94802
Vendor Advisory x_refsource_confirm
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-ucm
Scores
CVSS v3
7.5
EPSS
0.0312
EPSS Percentile
86.3%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-200
Status
published
Products (5)
cisco/unified_communications_manager_im_and_presence_service
10.5\(1\)
cisco/unified_communications_manager_im_and_presence_service
10.5\(2\)
cisco/unified_communications_manager_im_and_presence_service
11.0\(1\)
cisco/unified_communications_manager_im_and_presence_service
11.5\(1\)
n/a/Cisco Unified Communications Manager
Cisco Unified Communications Manager
Published
Dec 14, 2016
Tracked Since
Feb 18, 2026