A vulnerability in the web-based interface of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME) could allow an unauthenticated, remote malicious user to bypass security restrictions. The vulnerability is due to improper handling of malformed HTTP methods. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected system. A successful exploit could allow the malicious user to gain unauthorized access to the system.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
cisco unified communications manager 12.0\\(1.10000.10\\) |
||
cisco unified communications manager 10.5\\(2.10000.5\\) |
||
cisco unified communications manager 11.5\\(1.10000.6\\) |
||
cisco unified communications manager 12.5\\(1.10000.22\\) |
Vulmon