Design/Logic Flaw

2015-12-1403:59:00

PRIOn knowledge base

www.prio-n.com

7.3 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

40.4%

JSON

The Mobile and Remote Access (MRA) services implementation in Cisco Unified Communications Manager mishandles edge-device identity validation, which allows remote attackers to bypass intended call-reception and call-setup restrictions by spoofing a user, aka Bug ID CSCuu97283.

CPENameOperatorVersion
telepresence_video_communication_server_softwareeqx8.5 rc4

CPE	Name	Operator	Version
	telepresence_video_communication_server_software	eq	x8.5 rc4

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151209-ucm

www.securityfocus.com/bid/78741

www.securitytracker.com/id/1034377