CVE-2016-6464
Description
A vulnerability in the web management interface of the Cisco Unified Communications Manager IM and Presence Service could allow an unauthenticated, remote attacker to view information on web pages that should be restricted. More Information: CSCva49629. Known Affected Releases: 11.5(1). Known Fixed Releases: 11.5(1.12000.2) 12.0(0.98000.181).
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
1.357
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Cisco Unified Communications Manager IM and Presence Service Information Disclosure Vulnerability For Cisco Unified Communications Manager IM & Presence Service | NCM |
| Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6464) | NCM |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-1706022 | Security Update for Cisco Unified Communications Manager IM & Presence Service CUP.11.5(1.12900.25) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234