Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The CTIManager module in Cisco Unified Communications Manager (CM) 10.0(1), when single sign-on is enabled, does not properly validate Kerberos SSO tokens, which allows remote authenticated users to gain privileges and execute arbitrary commands via crafted token data, aka Bug ID CSCum95491.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cisco Unified Communications Manager 输入验证漏洞
Vulnerability Description
Cisco Unified Communications Manager(CUCM,Unified CM,CallManager)是美国思科(Cisco)公司的一款统一通信系统中的呼叫处理组件。该组件提供了一种可扩展、可分布和高可用的企业IP电话呼叫处理解决方案。 Cisco Unified CM 10.0(1)版本的CTIManager模块中存在安全漏洞,该漏洞源于程序设置成单点登录时,没有正确验证Kerberos SSO令牌。远程攻击者可通过特制的令牌数据利用该漏洞获取权限,并执行任意命令。
CVSS Information
N/A
Vulnerability Type
N/A