Identity Validation Flaw in Cisco Unified Communications Manager for MRA Services
CVE-2015-6410

Currently unrated

Key Information:

Vendor
Cisco
Status
Telepresence Video Communication Server Software
Vendor
CVE Published:
14 December 2015

Summary

The Mobile and Remote Access (MRA) services in Cisco Unified Communications Manager exhibit a critical flaw in edge-device identity validation. This weakness allows attackers to spoof user identities, enabling unauthorized call reception and setup, which compromises the security protocols intended to safeguard communication. It is essential for organizations using this product to implement recommended security measures to mitigate the risk of exploitation.

References

http://www.securitytracker.com/id/1034377
vdb-entryx_refsource_SECTRACK
http://tools.cisco.com/security/center/content/CiscoSecur...
vendor-advisoryx_refsource_CISCO
http://www.securityfocus.com/bid/78741
vdb-entryx_refsource_BID

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.