The Disaster Recovery Framework (DRF) master server in Cisco Unified Communications products, including Unified Communications Manager (CUCM) 5.x and 6.x, Unified Presence 1.x and 6.x, Emergency Responder 2.x, and Mobility Manager 2.x, does not require authentication for requests received from the network, which allows remote attackers to execute arbitrary code via unspecified vectors.
oryginał ENAV:N/AC:L/Au:N/C:C/I:C/A:CCisco Emergency Responder
APPCisco2.0Cisco Mobility Manager
APPCisco2.0Cisco Unified Communications Manager
APPCisco5.05.16.06.1Cisco Unified Presence
APPCisco1.06.0
Powiązane podatności
Cisco Unified CM — statyczne dane logowania root umożliwiają pełne przejęcie systemu
RCE w produktach Cisco Unified Communications — eskalacja do root
A vulnerability in Cisco Emergency Responder could allow an unauthenticated, remote attacker to log in to an a...
A vulnerability in the upgrade mechanism of Cisco collaboration products based on the Cisco Voice Operating Sy...
A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager ...