CVE-2016-6364

The User Data Services (UDS) API implementation in Cisco Unified Communications Manager 11.5 allows remote attackers to bypass intended access restrictions and obtain sensitive information via unspecified API calls, aka Bug ID CSCux67855.

Published: Aug 23, 2016
Updated: Apr 13, 2023
CVE: CVE-2016-6364
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-200

Affected Software
References

Software	From	Fixed in
cisco / unified_communications_manager	11.5.0	11.5.0.x

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-ucm
http://www.securityfocus.com/bid/92517
http://www.securitytracker.com/id/1036650

Vulnerability Database

289,782

CVE-2016-6364