Vulnerabilities > CVE-2015-6425 - Resource Management Errors vulnerability in Cisco Unified Communications Manager 10.5(0.98000.88)

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

cisco

CWE-399

NVD

Published: 2015-12-16

Updated: 2016-12-07

Summary

The WebApplications Identity Management subsystem in Cisco Unified Communications Manager 10.5(0.98000.88) allows remote attackers to cause a denial of service (subsystem outage) via invalid session tokens, aka Bug ID CSCul83786.

Vulnerable Configurations

Part	Description	Count
Application	Cisco Cisco Unified Communications Manager 10.5\(0.98000.88\)	1

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

References

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151215-ucmim
http://www.securityfocus.com/bid/79275
http://www.securitytracker.com/id/1034431