A vulnerability in the Java Remote Method Invocation (RMI) interface of Cisco Unified Customer Voice Portal (CVP) could allow an unauthenticated, remote attacker to access sensitive information on an affected device. The vulnerability exists because certain RMI listeners are not properly authenticated. An attacker could exploit this vulnerability by sending a crafted request to the affected listener. A successful exploit could allow the attacker to access sensitive information on an affected device.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NCisco Unified Customer Voice Portal
APPCisco≤ 12.5\(1\)
Powiązane podatności
A vulnerability in the Interactive Voice Response (IVR) management connection interface for Cisco Unified Cust...
A vulnerability in the application server of the Cisco Unified Customer Voice Portal (CVP) could allow an unau...
A vulnerability in the Operations, Administration, Maintenance, and Provisioning (OAMP) credential reset funct...
The Tomcat Web Management feature in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 doe...
The log viewer in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 does not properly vali...