Published: 14/12/2015 Updated: 07/12/2016

CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8

VMScore: 356

Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N

Subscribe to Telepresence Video Communication Server Software

The Mobile and Remote Access (MRA) services implementation in Cisco Unified Communications Manager mishandles edge-device identity validation, which allows remote malicious users to bypass intended call-reception and call-setup restrictions by spoofing a user, aka Bug ID CSCuu97283.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco telepresence video communication server software x8.5

A vulnerability in edge devices of the Cisco Unified Communications Manager using Mobile and Remote Access (MRA) services could allow an unauthenticated, remote attacker to perform an identity theft attack The vulnerability is due to improper identity validation of the edge devices An attacker could exploit this vulnerability by spoofing a user' ...

CWE-20 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151209-ucm http://www.securityfocus.com/bid/78741 http://www.securitytracker.com/id/1034377 https://nvd.nist.gov http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151209-ucm

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2015-6410

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect