Lucene search
CiscoCVE-2008-2062HistoryJun 26, 2008 - 5:41 p.m.
CVE-2008-2062
2008-06-2617:41:00
CWE-264
cisco
web.nvd.nist.gov
25
information security
cve-2008-2062
cisco unified communications manager
ris data collector
authentication bypass
bug id cscsq35151
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.2
Confidence
Low
EPSS
0.004
Percentile
73.2%
The Real-Time Information Server (RIS) Data Collector service in Cisco Unified Communications Manager (CUCM) before 4.2(3)SR4, and 4.3 before 4.3(2)SR1, allows remote attackers to bypass authentication, and obtain cluster configuration information and statistics, via a direct TCP connection to the service port, aka Bug ID CSCsq35151.
Affected configurations
Node
ciscounified_communications_managerRange4.2–4.2\(3\)sr4
ORciscounified_communications_managerRange4.3–4.3\(2\)sr1
ORciscounified_communications_managerRange5.0–5.1\(3c\)
ORciscounified_communications_managerRange6.0–6.1\(2\)
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | unified_communications_manager | * | cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:* |
Related
prion
prion
Authentication flaw
2008-06-26 17:41:00
cvelist
cvelist
CVE-2008-2062
2008-06-26 17:00:00
nvd
nvd
CVE-2008-2062
2008-06-26 17:41:00
seebug
seebug
Cisco Unified Communications Manager RIS数据收集器服务绕过认证漏洞
2008-06-28 00:00:00
securityvulns
securityvulns
cisco
cisco
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.2
Confidence
Low
EPSS
0.004
Percentile
73.2%
Related for CVE-2008-2062