var-201602-0057
Vulnerability from variot
Cisco Unified Communications Manager (aka CallManager) 9.1(2.10000.28), 10.5(2.10000.5), 10.5(2.12901.1), and 11.0(1.10000.10); Unified Communications Manager IM & Presence Service 10.5(2); Unified Contact Center Express 11.0(1); and Unity Connection 10.5(2) store a cleartext encryption key, which allows local users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuv85958. plural Cisco The product stores a plaintext encryption key, so there is a vulnerability that allows important information to be obtained. Vendors have confirmed this vulnerability Bug ID CSCuv85958 It is released as.Local users may get important information. Cisco Unified Communications Manager (also known as CallManager) and others are products of Cisco (Cisco). CallManager is a call processing component in a unified communication system. A local attacker could exploit this vulnerability to obtain sensitive information
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201602-0057",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "gs1900-10hp",
"scope": "lt",
"trust": 1.0,
"vendor": "zyxel",
"version": "2.50\\(aazi.0\\)c0"
},
{
"model": "keymouse",
"scope": "eq",
"trust": 1.0,
"vendor": "zzinc",
"version": "3.08"
},
{
"model": "x14j",
"scope": "eq",
"trust": 1.0,
"vendor": "samsung",
"version": "t-ms14jakucb-1102.5"
},
{
"model": "opensolaris",
"scope": "eq",
"trust": 1.0,
"vendor": "sun",
"version": "snv_124"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "10.5(2.10000.5)"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "10.5(2.12901.1)"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "11.0(1.10000.10)"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "9.1(2.10000.28)"
},
{
"model": "unified communications manager im and presence service",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "10.5(2)"
},
{
"model": "unified contact center express",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "11.0(1)"
},
{
"model": "unity connection",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "10.5(2)"
},
{
"model": "unified communications manager im and presence service",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "10.5\\\\\\(2\\\\\\)"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "9.1\\\\\\(2.10000.28\\\\\\)"
},
{
"model": "unity connection",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "10.5\\\\\\(2\\\\\\)"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "10.5\\\\\\(2.10000.5\\\\\\)"
},
{
"model": "unified contact center express",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "11.0\\\\\\(1\\\\\\)"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "11.0\\\\\\(1.10000.10\\\\\\)"
},
{
"model": "unified communications manager",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "10.5\\\\\\(2.12901.1\\\\\\)"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001497"
},
{
"db": "NVD",
"id": "CVE-2016-1319"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-172"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:10.5\\\\\\(2\\\\\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:unified_contact_center_express:11.0\\\\\\(1\\\\\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager:9.1\\\\\\(2.10000.28\\\\\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager:10.5\\\\\\(2.10000.5\\\\\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager:10.5\\\\\\(2.12901.1\\\\\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager:11.0\\\\\\(1.10000.10\\\\\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:unity_connection:10.5\\\\\\(2\\\\\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1319"
}
]
},
"cve": "CVE-2016-1319",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2016-1319",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-90138",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-1319",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201602-172",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-90138",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90138"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001497"
},
{
"db": "NVD",
"id": "CVE-2016-1319"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-172"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Unified Communications Manager (aka CallManager) 9.1(2.10000.28), 10.5(2.10000.5), 10.5(2.12901.1), and 11.0(1.10000.10); Unified Communications Manager IM \u0026 Presence Service 10.5(2); Unified Contact Center Express 11.0(1); and Unity Connection 10.5(2) store a cleartext encryption key, which allows local users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuv85958. plural Cisco The product stores a plaintext encryption key, so there is a vulnerability that allows important information to be obtained. Vendors have confirmed this vulnerability Bug ID CSCuv85958 It is released as.Local users may get important information. Cisco Unified Communications Manager (also known as CallManager) and others are products of Cisco (Cisco). CallManager is a call processing component in a unified communication system. A local attacker could exploit this vulnerability to obtain sensitive information",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-1319"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001497"
},
{
"db": "VULHUB",
"id": "VHN-90138"
}
],
"trust": 1.71
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-1319",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1034959",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1034958",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1034960",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001497",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201602-172",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-90138",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90138"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001497"
},
{
"db": "NVD",
"id": "CVE-2016-1319"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-172"
}
]
},
"id": "VAR-201602-0057",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-90138"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:06:16.082000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20160208-ucm",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160208-ucm"
},
{
"title": "Multiple Cisco Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=60115"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001497"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-172"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90138"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001497"
},
{
"db": "NVD",
"id": "CVE-2016-1319"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160208-ucm"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1034958"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1034959"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1034960"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1319"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1319"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90138"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001497"
},
{
"db": "NVD",
"id": "CVE-2016-1319"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-172"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-90138"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001497"
},
{
"db": "NVD",
"id": "CVE-2016-1319"
},
{
"db": "CNNVD",
"id": "CNNVD-201602-172"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-02-09T00:00:00",
"db": "VULHUB",
"id": "VHN-90138"
},
{
"date": "2016-02-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001497"
},
{
"date": "2016-02-09T03:59:03.320000",
"db": "NVD",
"id": "CVE-2016-1319"
},
{
"date": "2016-02-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-172"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-12-06T00:00:00",
"db": "VULHUB",
"id": "VHN-90138"
},
{
"date": "2016-02-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001497"
},
{
"date": "2016-12-06T03:06:49.590000",
"db": "NVD",
"id": "CVE-2016-1319"
},
{
"date": "2016-02-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201602-172"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201602-172"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Cisco Vulnerabilities in which important information is obtained in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001497"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201602-172"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.