Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Unified Communications Products Timing Attack Vulnerability
Vulnerability Description
A vulnerability in Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), and Cisco Unity Connection could allow an unauthenticated, remote attacker to perform a timing attack. This vulnerability is due to insufficient protection of a system password. An attacker could exploit this vulnerability by observing the time it takes the system to respond to various queries. A successful exploit could allow the attacker to determine a sensitive system password.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
通过时间差异性导致的信息暴露
Vulnerability Title
Cisco Unified Communications Manager 和 Cisco Unity Connection安全漏洞
Vulnerability Description
Cisco Unity Connection(UC)和Cisco Unified Communications Manager(CUCM,Unified CM,CallManager)都是美国思科(Cisco)公司的产品。Cisco Unity Connection是一套语音留言平台。该平台可利用语音命令,以免提方式拨打电话或收听留言。Cisco Unified Communications Manager是一款统一通信系统中的呼叫处理组件。该组件提供了一种可扩展、可分布和高可用的企业IP电话呼叫处理解决
CVSS Information
N/A
Vulnerability Type
N/A