Back to search
CVE-2014-8000
Published: Nov 21, 2014
Modified: Aug 6, 2024
PUBLISHED
Description
Cisco Unified Communications Manager IM and Presence Service 9.1(1) produces different returned messages for URL requests depending on whether a username exists, which allows remote attackers to enumerate user accounts via a series of requests, aka Bug ID CSCur63497.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://tools.cisco.com/security/center/viewAlert.x?alertId=36467
x_refsource_CONFIRM
20141119 Cisco Unified Communications Manager IM and Presence Service Enumeration Vulnerability
vendor-advisory
x_refsource_CISCO
62558
third-party-advisory
x_refsource_SECUNIA
71173
vdb-entry
x_refsource_BID
1031240
vdb-entry
x_refsource_SECTRACK
cisco-ucm-cve20148000-info-disc(98786)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now