Cisco Unified Communications Manager IM and Presence Service 9.1(1) does not properly restrict access to encrypted passwords, which allows remote attackers to determine cleartext passwords, and consequently execute arbitrary commands, by visiting an unspecified web page and then conducting a decryption attack, aka Bug ID CSCuq46194.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: cisco
Published: 2015-06-26T10:00:00
Updated: 2024-08-06T06:11:11.761Z
Reserved: 2015-06-04T00:00:00
Link: CVE-2015-4221
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2015-06-26T10:59:05.420
Modified: 2016-12-28T17:43:42.697
Link: CVE-2015-4221
Redhat
No data.