Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2021-1406

A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability is due to improper inclusion of sensitive information in downloadable files. An attacker could exploit this vulnerability by authenticating to an affected device and issuing a specific set of commands. A successful exploit could allow the attacker to obtain hashed credentials of system users. To exploit this vulnerability an attacker would need to have valid user credentials with elevated privileges.

  • Published: Apr 8, 2021
  • Updated: Apr 14, 2023
  • CVE: CVE-2021-1406
  • Severity: Low
  • Exploit:

CVSS v3:

  • Severity: Low
  • Score: 4.9
  • AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

CVSS v2:

  • Severity: Low
  • Score: 4
  • AV:N/AC:L/Au:S/C:P/I:N/A:N

CWEs:

Software From Fixed in
cisco / unified_communications_manager 12.5(1) 12.5(1).x
cisco / unified_communications_manager 12.0(1) 12.0(1).x
cisco / unified_communications_manager 10.5(2) 10.5(2).x
cisco / unified_communications_manager 11.5(1) 11.5(1).x
cisco / unified_communications_manager 10.5(2)su1 10.5(2)su1.x
cisco / unified_communications_manager 10.5(2)su2 10.5(2)su2.x
cisco / unified_communications_manager 10.5(2)su2a 10.5(2)su2a.x
cisco / unified_communications_manager 10.5(2)su3 10.5(2)su3.x
cisco / unified_communications_manager 10.5(2)su3a 10.5(2)su3a.x
cisco / unified_communications_manager 10.5(2)su4 10.5(2)su4.x
cisco / unified_communications_manager 10.5(2)su4a 10.5(2)su4a.x
cisco / unified_communications_manager 10.5(2)su5 10.5(2)su5.x
cisco / unified_communications_manager 10.5(2)su6 10.5(2)su6.x
cisco / unified_communications_manager 10.5(2)su6a 10.5(2)su6a.x
cisco / unified_communications_manager 10.5(2)su7 10.5(2)su7.x
cisco / unified_communications_manager 10.5(2)su8 10.5(2)su8.x
cisco / unified_communications_manager 10.5(2)su9 10.5(2)su9.x
cisco / unified_communications_manager 10.5(2)su10 10.5(2)su10.x
cisco / unified_communications_manager 12.5(1)su1 12.5(1)su1.x
cisco / unified_communications_manager 12.5(1)su2 12.5(1)su2.x
cisco / unified_communications_manager 12.5(1)su3 12.5(1)su3.x
cisco / unified_communications_manager 12.5(1)su4 12.5(1)su4.x
cisco / unified_communications_manager 12.5(1)su5 12.5(1)su5.x
cisco / unified_communications_manager 11.5(1)su1 11.5(1)su1.x
cisco / unified_communications_manager 11.5(1)su2 11.5(1)su2.x
cisco / unified_communications_manager 11.5(1)su3 11.5(1)su3.x
cisco / unified_communications_manager 11.5(1)su4 11.5(1)su4.x
cisco / unified_communications_manager 11.5(1)su5 11.5(1)su5.x
cisco / unified_communications_manager 11.5(1)su7 11.5(1)su7.x
cisco / unified_communications_manager 11.5(1)su8 11.5(1)su8.x
cisco / unified_communications_manager 11.5(1)su9 11.5(1)su9.x