CVE-2011-1643

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2011-1643
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x, 7.x before 7.1(5b)su4, 8.0, and 8.5 before 8.5(1)su2 and Cisco Unified Presence Server 6.x, 7.x, 8.0, and 8.5 before 8.5xnr allow remote attackers to read database data by connecting to a query interface through an SSL session, aka Bug IDs CSCti81574, CSCto63060, CSCto72183, and CSCto73833.

10.0 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8f532.shtml Vendor Advisory
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8f532.shtml Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:cisco:unified_communications_manager:6.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:6.1\(1\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:6.1\(1a\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:6.1\(1b\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:6.1\(2\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:6.1\(2\)su1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:6.1\(2\)su1a:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:6.1\(3\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:6.1\(3a\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:6.1\(3b\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:6.1\(3b\)su1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:6.1\(4\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:6.1\(4\)su1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:6.1\(4a\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:6.1\(4a\)su2:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:6.1\(5\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:6.1\(5\)su1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:6.1\(5\)su2:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:7.0\(1\)su1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:7.0\(1\)su1a:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:7.0\(2\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:7.0\(2a\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:7.0\(2a\)su1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:7.0\(2a\)su2:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:7.1\(2a\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:7.1\(2a\)su1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:7.1\(2b\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:7.1\(2b\)su1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:7.1\(3\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:7.1\(3a\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:7.1\(3a\)su1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:7.1\(3a\)su1a:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:7.1\(3b\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:7.1\(3b\)su1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:7.1\(3b\)su2:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:7.1\(5\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:7.1\(5\)su1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:7.1\(5\)su1a:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:7.1\(5a\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:7.1\(5b\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:7.1\(5b\)su1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:7.1\(5b\)su1a:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:7.1\(5b\)su2:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:7.1\(5b\)su3:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:8.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:8.5:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:8.5\(1\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:8.5\(1\)su1:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:cisco:unified_presence_server:6.0\(1\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_presence_server:6.0\(2\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_presence_server:6.0\(3\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_presence_server:6.0\(4\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_presence_server:6.0\(5\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_presence_server:6.0\(6\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_presence_server:6.0\(7\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_presence_server:7.0\(1\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_presence_server:7.0\(2\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_presence_server:7.0\(3\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_presence_server:7.0\(4\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_presence_server:7.0\(5\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_presence_server:7.0\(6\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_presence_server:7.0\(7\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_presence_server:7.0\(8\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_presence_server:7.0\(9\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_presence_server:8.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_presence_server:8.5:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_presence_server:8.5\(1\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_presence_server:8.5\(2\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_presence_server:8.5\(3\):*:*:*:*:*:*:*
History

No history.

Information

Published : 2011-08-29 15:55

Updated : 2025-04-11 00:51

NVD link : CVE-2011-1643

Mitre link : CVE-2011-1643

CVE.ORG link : CVE-2011-1643

JSON object : View

Products Affected

cisco

  • unified_presence_server
  • unified_communications_manager
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor