Information disclosure in Cisco Unified_communications_domain_manager

CVE-2015-0683

Cisco Unified Communications Domain Manager 8.1(4) allows remote authenticated users to obtain sensitive information via a file-inclusion attack, aka Bug ID CSCup94744.

Vulnerability class: Information Disclosure

EPSS: 0.002 (38.9th percentile) — read the EPSS interpretation.

Affected products

Cisco Unified_communications_domain_manager — versions 8.1\(.4\)
N/a — versions n/a

Weakness classification (CWE)

CWE-200 — Information Disclosure

References

1032003 (vdb-entry, x_refsource_SECTRACK)
20150331 Cisco Unified Communications Domain Manager Application Software Information Disclosure Vulnerability (x_refsource_CISCO, vendor-advisory, Vendor Advisory)