The Enterprise License Manager (ELM) component in Cisco Unified Communications Manager (Unified CM) 10.0(1) and previous versions does not properly enforce authentication requirements, which allows remote malicious users to read ELM files via a direct request to a URL, aka Bug ID CSCum46494.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco unified communications manager 4.2.1 |
||
cisco unified communications manager 4.2.2 |
||
cisco unified communications manager 4.2.3 |
||
cisco unified communications manager 4.2.3sr1 |
||
cisco unified communications manager |
||
cisco unified communications manager 4.1\\(3\\)sr3 |
||
cisco unified communications manager 4.2 |
||
cisco unified communications manager 4.2.3sr2 |
||
cisco unified communications manager 4.3 |
||
cisco unified communications manager 3.3\\(5\\) |
||
cisco unified communications manager 3.3\\(5\\)sr1 |
||
cisco unified communications manager 3.3\\(5\\)sr2a |
||
cisco unified communications manager 4.1\\(3\\) |
||
cisco unified communications manager 4.1\\(3\\)sr1 |
||
cisco unified communications manager 10.0 |
||
cisco unified communications manager 4.1\\(3\\)sr2 |
||
cisco unified communications manager 4.1\\(3\\)sr4 |
||
cisco unified communications manager 4.2.3sr2b |