CVE Daily

CVE-2015-6425

The WebApplications Identity Management subsystem in Cisco Unified Communication...

Medium CVSS 5.0

Overview

The WebApplications Identity Management subsystem in Cisco Unified Communications Manager 10.5(0.98000.88) allows remote attackers to cause a denial of service (subsystem outage) via invalid session tokens, aka Bug ID CSCul83786.

CWE: CWE-399 Published: 2015-12-16T15:59:00.117
Risk analysis

This vulnerability is rated 🟡 MEDIUM.

  • CVSS: 5.0 (MEDIUM)
  • Detected tags: none (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags