← voltar
CVE-2019-15272

Cisco Unified Communications Manager Security Bypass Vulnerability

CVSS 6.5 MEDIUMEPSS 1.3%CWE-264
Vexday Risk Score
13Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 6.5EPSS 1.3%KEV nãoPoC Patch referenciado
Ciclo de vida
02 out 2019Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
A vulnerability in the web-based interface of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME) could allow an unauthenticated, remote attacker to bypass security restrictions. The vulnerability is due to improper handling of malformed HTTP methods. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected system. A successful exploit could allow the attacker to gain unauthorized access to the system.
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Produtos afetados
Cisco · Cisco Unified Communications Manager

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-ucm-secbypass