Lucene search
CiscoCVE-2013-6978HistoryDec 21, 2013 - 2:22 p.m.
CVE-2013-6978
2013-12-2114:22:57
CWE-200
cisco
web.nvd.nist.gov
23
cisco
unified communications manager
drs
cve-2013-6978
nvd
bug id cscuj39249
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
AI Score
5.8
Confidence
Low
EPSS
0.002
Percentile
64.8%
The disaster recovery system (DRS) component in Cisco Unified Communications Manager (UCM) 9.1(1) and earlier allows remote authenticated users to obtain sensitive device information by reading “extraneous information” in HTML source code, aka Bug ID CSCuj39249.
Affected configurations
Node
ciscounified_communications_managerRange≤9.1\(1\)
ORciscounified_communications_managerMatch3.3\(5\)
ORciscounified_communications_managerMatch3.3\(5\)sr1
ORciscounified_communications_managerMatch3.3\(5\)sr2a
ORciscounified_communications_managerMatch4.1\(3\)
ORciscounified_communications_managerMatch4.1\(3\)sr1
ORciscounified_communications_managerMatch4.1\(3\)sr2
ORciscounified_communications_managerMatch4.1\(3\)sr3
ORciscounified_communications_managerMatch4.1\(3\)sr4
ORciscounified_communications_managerMatch4.2
ORciscounified_communications_managerMatch4.2.1
ORciscounified_communications_managerMatch4.2.2
ORciscounified_communications_managerMatch4.2.3
ORciscounified_communications_managerMatch4.2.3sr1
ORciscounified_communications_managerMatch4.2.3sr2
ORciscounified_communications_managerMatch4.2.3sr2b
ORciscounified_communications_managerMatch4.3
ORciscounified_communications_managerMatch4.3\(1\)
ORciscounified_communications_managerMatch5.0
ORciscounified_communications_managerMatch5.1
ORciscounified_communications_managerMatch5.1\(1\)
ORciscounified_communications_managerMatch5.1\(1b\)
ORciscounified_communications_managerMatch5.1\(1c\)
ORciscounified_communications_managerMatch5.1\(2\)
ORciscounified_communications_managerMatch5.1\(2a\)
ORciscounified_communications_managerMatch5.1\(2b\)
ORciscounified_communications_managerMatch5.1\(3\)
ORciscounified_communications_managerMatch5.1\(3a\)
ORciscounified_communications_managerMatch5.1\(3c\)
ORciscounified_communications_managerMatch5.1\(3d\)
ORciscounified_communications_managerMatch5.1\(3e\)
ORciscounified_communications_managerMatch5.1.2
ORciscounified_communications_managerMatch6.0
ORciscounified_communications_managerMatch6.0\(1\)
ORciscounified_communications_managerMatch6.0\(1a\)
ORciscounified_communications_managerMatch6.0\(1b\)
ORciscounified_communications_managerMatch6.1\(1\)
ORciscounified_communications_managerMatch6.1\(1a\)
ORciscounified_communications_managerMatch6.1\(1b\)
ORciscounified_communications_managerMatch6.1\(2\)
ORciscounified_communications_managerMatch6.1\(2\)su1
ORciscounified_communications_managerMatch6.1\(2\)su1a
ORciscounified_communications_managerMatch6.1\(3\)
ORciscounified_communications_managerMatch6.1\(3a\)
ORciscounified_communications_managerMatch6.1\(3b\)
ORciscounified_communications_managerMatch6.1\(3b\)su1
ORciscounified_communications_managerMatch6.1\(4\)
ORciscounified_communications_managerMatch6.1\(4\)su1
ORciscounified_communications_managerMatch6.1\(4a\)
ORciscounified_communications_managerMatch6.1\(4a\)su2
ORciscounified_communications_managerMatch6.1\(5\)
ORciscounified_communications_managerMatch6.1\(5\)su1
ORciscounified_communications_managerMatch6.1\(5\)su2
ORciscounified_communications_managerMatch6.1\(5\)su3
ORciscounified_communications_managerMatch7.0\(1\)su1
ORciscounified_communications_managerMatch7.0\(1\)su1a
ORciscounified_communications_managerMatch7.0\(2\)
ORciscounified_communications_managerMatch7.0\(2a\)
ORciscounified_communications_managerMatch7.0\(2a\)su1
ORciscounified_communications_managerMatch7.0\(2a\)su2
ORciscounified_communications_managerMatch7.1\(2a\)
ORciscounified_communications_managerMatch7.1\(2a\)su1
ORciscounified_communications_managerMatch7.1\(2b\)
ORciscounified_communications_managerMatch7.1\(2b\)su1
ORciscounified_communications_managerMatch7.1\(3\)
ORciscounified_communications_managerMatch7.1\(3a\)
ORciscounified_communications_managerMatch7.1\(3a\)su1
ORciscounified_communications_managerMatch7.1\(3a\)su1a
ORciscounified_communications_managerMatch7.1\(3b\)
ORciscounified_communications_managerMatch7.1\(3b\)su1
ORciscounified_communications_managerMatch7.1\(3b\)su2
ORciscounified_communications_managerMatch7.1\(5\)
ORciscounified_communications_managerMatch7.1\(5\)su1
ORciscounified_communications_managerMatch7.1\(5\)su1a
ORciscounified_communications_managerMatch7.1\(5a\)
ORciscounified_communications_managerMatch7.1\(5b\)
ORciscounified_communications_managerMatch7.1\(5b\)su1
ORciscounified_communications_managerMatch7.1\(5b\)su1a
ORciscounified_communications_managerMatch7.1\(5b\)su2
ORciscounified_communications_managerMatch7.1\(5b\)su3
ORciscounified_communications_managerMatch7.1\(5b\)su4
ORciscounified_communications_managerMatch7.1\(5b\)su5
ORciscounified_communications_managerMatch7.1\(5b\)su6
ORciscounified_communications_managerMatch8.0
ORciscounified_communications_managerMatch8.0\(1\)
ORciscounified_communications_managerMatch8.0\(2\)
ORciscounified_communications_managerMatch8.0\(2a\)
ORciscounified_communications_managerMatch8.0\(2b\)
ORciscounified_communications_managerMatch8.0\(2c\)
ORciscounified_communications_managerMatch8.0\(2c\)su1
ORciscounified_communications_managerMatch8.0\(3\)
ORciscounified_communications_managerMatch8.0\(3a\)
ORciscounified_communications_managerMatch8.0\(3a\)su1
ORciscounified_communications_managerMatch8.0\(3a\)su2
ORciscounified_communications_managerMatch8.0\(3a\)su3
ORciscounified_communications_managerMatch8.5
ORciscounified_communications_managerMatch8.5\(1\)
ORciscounified_communications_managerMatch8.5\(1\)su1
ORciscounified_communications_managerMatch8.5\(1\)su2
ORciscounified_communications_managerMatch8.5\(1\)su3
ORciscounified_communications_managerMatch8.5\(1\)su4
ORciscounified_communications_managerMatch8.5\(1\)su5
ORciscounified_communications_managerMatch8.6
ORciscounified_communications_managerMatch8.6\(1\)
ORciscounified_communications_managerMatch8.6\(1a\)
ORciscounified_communications_managerMatch8.6\(2\)
ORciscounified_communications_managerMatch8.6\(2a\)
ORciscounified_communications_managerMatch8.6\(2a\)su1
ORciscounified_communications_managerMatch8.6\(2a\)su2
ORciscounified_communications_managerMatch8.6\(2a\)su3
ORciscounified_communications_managerMatch8.6\(3\)
ORciscounified_communications_managerMatch8.6\(4\)
ORciscounified_communications_managerMatch9.0\(1\)
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | unified_communications_manager | * | cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:* |
| cisco | unified_communications_manager | 3.3(5) | cpe:2.3:a:cisco:unified_communications_manager:3.3\(5\):*:*:*:*:*:*:* |
| cisco | unified_communications_manager | 3.3(5)sr1 | cpe:2.3:a:cisco:unified_communications_manager:3.3\(5\)sr1:*:*:*:*:*:*:* |
| cisco | unified_communications_manager | 3.3(5)sr2a | cpe:2.3:a:cisco:unified_communications_manager:3.3\(5\)sr2a:*:*:*:*:*:*:* |
| cisco | unified_communications_manager | 4.1(3) | cpe:2.3:a:cisco:unified_communications_manager:4.1\(3\):*:*:*:*:*:*:* |
| cisco | unified_communications_manager | 4.1(3)sr1 | cpe:2.3:a:cisco:unified_communications_manager:4.1\(3\)sr1:*:*:*:*:*:*:* |
| cisco | unified_communications_manager | 4.1(3)sr2 | cpe:2.3:a:cisco:unified_communications_manager:4.1\(3\)sr2:*:*:*:*:*:*:* |
| cisco | unified_communications_manager | 4.1(3)sr3 | cpe:2.3:a:cisco:unified_communications_manager:4.1\(3\)sr3:*:*:*:*:*:*:* |
| cisco | unified_communications_manager | 4.1(3)sr4 | cpe:2.3:a:cisco:unified_communications_manager:4.1\(3\)sr4:*:*:*:*:*:*:* |
| cisco | unified_communications_manager | 4.2 | cpe:2.3:a:cisco:unified_communications_manager:4.2:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2013-6978
2013-12-21 14:22:57
cvelist
cvelist
CVE-2013-6978
2013-12-21 11:00:00
cisco
cisco
prion
prion
Design/Logic Flaw
2013-12-21 14:22:00
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
AI Score
5.8
Confidence
Low
EPSS
0.002
Percentile
64.8%
Related for CVE-2013-6978