Remote Database Data Disclosure Vulnerability in Cisco Unified Communications Manager and Cisco Unified Presence Server

Remote Database Data Disclosure Vulnerability in Cisco Unified Communications Manager and Cisco Unified Presence Server

CVE-2011-1643 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x, 7.x before 7.1(5b)su4, 8.0, and 8.5 before 8.5(1)su2 and Cisco Unified Presence Server 6.x, 7.x, 8.0, and 8.5 before 8.5xnr allow remote attackers to read database data by connecting to a query interface through an SSL session, aka Bug IDs CSCti81574, CSCto63060, CSCto72183, and CSCto73833.

Learn more about our Cis Benchmark Audit For Server Software.