CVE-2018-0267

CVE-2018-0267

Vendor N/A
Product Cisco Unified Communications Manager
Weakness CWE-200 · Info exposure
Published April 19, 2018
Last update November 29, 2024

CVSS base score

What the vulnerability does

01Description

A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenticated, local attacker to view sensitive data that should be restricted. This could include LDAP credentials. The vulnerability is due to insufficient protection of database tables over the web interface. An attacker could exploit this vulnerability by browsing to a specific URL. An exploit could allow the attacker to view sensitive information that should have been restricted. Cisco Bug IDs: CSCvf22116.

Key dates

02Disclosure timeline

April 19, 2018 CVE published
November 29, 2024 Record updated