Sign-up

ID

VAR-201506-0316


CVE

CVE-2015-4229


TITLE

Cisco Unified Communications Domain Manager of Web Vulnerabilities that capture important information in the framework

Trust: 0.8

sources: JVNDB: JVNDB-2015-003317

DESCRIPTION

The web framework in Cisco Unified Communications Domain Manager 8.1(4)ER1 allows remote attackers to obtain sensitive information by visiting a bvsmweb URL, aka Bug ID CSCuq22589. Vendors have confirmed this vulnerability Bug ID CSCuq22589 It is released as.By a third party bvsmweb URL By accessing, important information may be obtained. Successfully exploiting this issue may allow an attacker to obtain sensitive information that may aid in further attacks. This issue is tracked by Cisco Bug ID CSCuq22589. This component features scalable, distributed, and highly available enterprise Voice over IP call processing

Trust: 1.98

sources: NVD: CVE-2015-4229 // JVNDB: JVNDB-2015-003317 // BID: 75473 // VULHUB: VHN-82190

AFFECTED PRODUCTS

vendor:ciscomodel:unified communications domain managerscope:eqversion:8.1.4er1

Trust: 1.6

vendor:ciscomodel:unified communications domain managerscope:eqversion:8.1(4)er1

Trust: 0.8

vendor:ciscomodel:unified communications domain manager er1scope:eqversion:8.1.4

Trust: 0.3

sources: BID: 75473 // JVNDB: JVNDB-2015-003317 // CNNVD: CNNVD-201506-609 // NVD: CVE-2015-4229

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2015-4229
value: MEDIUM

Trust: 1.0

NVD: CVE-2015-4229
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201506-609
value: MEDIUM

Trust: 0.6

VULHUB: VHN-82190
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2015-4229
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-82190
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-82190 // JVNDB: JVNDB-2015-003317 // CNNVD: CNNVD-201506-609 // NVD: CVE-2015-4229

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.9

sources: VULHUB: VHN-82190 // JVNDB: JVNDB-2015-003317 // NVD: CVE-2015-4229

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201506-609

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201506-609

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2015-003317

PATCH
title:39557url:http://tools.cisco.com/security/center/viewAlert.x?alertId=39557
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2015-003317

EXTERNAL IDS
db:NVDid:CVE-2015-4229
Trust: 2.8
db:BIDid:75473
Trust: 1.4
db:SECTRACKid:1032749
Trust: 1.1
db:JVNDBid:JVNDB-2015-003317
Trust: 0.8
db:CNNVDid:CNNVD-201506-609
Trust: 0.7
db:VULHUBid:VHN-82190
Trust: 0.1
sources:
            
            
            VULHUB: VHN-82190 // 
            
            
            
            BID: 75473 // 
            
            
            
            JVNDB: JVNDB-2015-003317 // 
            
            
            
            CNNVD: CNNVD-201506-609 // 
            
            
            
            NVD: CVE-2015-4229

REFERENCES
url:http://tools.cisco.com/security/center/viewalert.x?alertid=39557
Trust: 2.0
url:http://www.securityfocus.com/bid/75473
Trust: 1.1
url:http://www.securitytracker.com/id/1032749
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-4229
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-4229
Trust: 0.8
url:http://www.cisco.com
Trust: 0.3
sources:
            
            
            VULHUB: VHN-82190 // 
            
            
            
            BID: 75473 // 
            
            
            
            JVNDB: JVNDB-2015-003317 // 
            
            
            
            CNNVD: CNNVD-201506-609 // 
            
            
            
            NVD: CVE-2015-4229

CREDITS
Cisco
Trust: 0.3
sources:
            
            
            BID: 75473

SOURCES
db:VULHUBid:VHN-82190
db:BIDid:75473
db:JVNDBid:JVNDB-2015-003317
db:CNNVDid:CNNVD-201506-609
db:NVDid:CVE-2015-4229

LAST UPDATE DATE
2025-04-13T23:27:32.699000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-82190date:2017-01-04T00:00:00
db:BIDid:75473date:2015-06-29T00:00:00
db:JVNDBid:JVNDB-2015-003317date:2015-07-01T00:00:00
db:CNNVDid:CNNVD-201506-609date:2015-07-01T00:00:00
db:NVDid:CVE-2015-4229date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:VULHUBid:VHN-82190date:2015-06-30T00:00:00
db:BIDid:75473date:2015-06-29T00:00:00
db:JVNDBid:JVNDB-2015-003317date:2015-07-01T00:00:00
db:CNNVDid:CNNVD-201506-609date:2015-06-30T00:00:00
db:NVDid:CVE-2015-4229date:2015-06-30T10:59:02.527