CVE-2014-8000 in Unified Communications Manager IMinformation

Résumé

par MITRE

Cisco Unified Communications Manager IM and Presence Service 9.1(1) produces different returned messages for URL requests depending on whether a username exists, which allows remote attackers to enumerate user accounts via a series of requests, aka Bug ID CSCur63497.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Réserver

08/10/2014

Divulgation

20/11/2014

Modérer

accepté

Entrée

VDB-72948

CPE

prêt

EPSS

0.02255

KEV

non

Activités

très faible

Sources

Do you want to use VulDB in your project?

Use the official API to access entries easily!