CVE-2016-6464

HIGH

Cisco Unified Communications Manager IM and Presence Service - Info...

Title source: llm
STIX 2.1

Description

A vulnerability in the web management interface of the Cisco Unified Communications Manager IM and Presence Service could allow an unauthenticated, remote attacker to view information on web pages that should be restricted. More Information: CSCva49629. Known Affected Releases: 11.5(1). Known Fixed Releases: 11.5(1.12000.2) 12.0(0.98000.181).

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1037412
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/94802

Scores

CVSS v3 7.5
EPSS 0.0312
EPSS Percentile 86.3%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-200
Status published
Products (5)
cisco/unified_communications_manager_im_and_presence_service 10.5\(1\)
cisco/unified_communications_manager_im_and_presence_service 10.5\(2\)
cisco/unified_communications_manager_im_and_presence_service 11.0\(1\)
cisco/unified_communications_manager_im_and_presence_service 11.5\(1\)
n/a/Cisco Unified Communications Manager Cisco Unified Communications Manager
Published Dec 14, 2016
Tracked Since Feb 18, 2026