Arbitrary File Retrieval Vulnerability in Cisco Unified Call Manager
CVE-2015-0680

Currently unrated

Key Information:

Vendor: Cisco
Status: Unified Callmanager
Vendor: CVE Published:; 28 March 2015

Summary

The vulnerability in Cisco Unified Call Manager version 9.1(2.1000.28) stems from inadequate restrictions on resource requests. This flaw enables remote authenticated users to exploit unspecified vectors, potentially leading to unauthorized access to arbitrary files on the system. Proper security measures should be implemented to mitigate risks associated with this vulnerability.

References

http://tools.cisco.com/security/center/viewAlert.x?alertI...

vendor-advisoryx_refsource_CISCO

http://www.securitytracker.com/id/1031991

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Mar 28, 2015
Vulnerability Reserved
Jan 7, 2015