ID de Prueba:	1.3.6.1.4.1.25623.1.0.106190
Categoría:	CISCO
Título:	Cisco Unified Communications Manager Information Disclosure Vulnerability (cisco-sa-20160817-ucm)
Resumen:	A vulnerability in the User Data Services (UDS) Application; Programming Interface (API) for Cisco Unified Communications Manager could allow an; unauthenticated, remote attacker to view confidential information that should require; authentication.
Descripción:	Summary: A vulnerability in the User Data Services (UDS) Application Programming Interface (API) for Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to view confidential information that should require authentication. Vulnerability Insight: The vulnerability is due to improper authentication controls for certain information returned by the UDS API. An attacker could exploit this vulnerability by accessing the UDS API. Vulnerability Impact: An exploit could allow the attacker to view certain information that is confidential and should require authentication to retrieve via the UDS API. Affected Software/OS: Cisco Unified Communications Manager version 11.5. Solution: See the referenced vendor advisory for a solution. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-6364 BugTraq ID: 92517 http://www.securityfocus.com/bid/92517 Cisco Security Advisory: 20160817 Cisco Unified Communications Manager Information Disclosure Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-ucm http://www.securitytracker.com/id/1036650
Copyright	Copyright (C) 2016 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.