Access Control Vulnerability in Cisco Unified Communications Manager IM and Presence Service
CVE-2015-4221

Currently unrated

Key Information:

Vendor

Cisco
Status
Unified Communications Manager Im And Presence Service
Vendor
CVE Published:
26 June 2015

What is CVE-2015-4221?

Cisco Unified Communications Manager IM and Presence Service 9.1(1) contains a vulnerability that fails to adequately restrict access to encrypted passwords. This oversight allows remote attackers to exploit this weakness by navigating to a specific web page to perform a decryption attack on the stored credentials. Successful exploitation may enable the attacker to retrieve cleartext passwords and execute arbitrary commands on the system, posing significant security risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://tools.cisco.com/security/center/viewAlert.x?alertI...
vendor-advisoryx_refsource_CISCO
http://www.securityfocus.com/bid/75401
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1032716
vdb-entryx_refsource_SECTRACK

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.