CVE-2015-6410 — Vulnetix

CVE-2015-6410 PUBLISHED CVSS 4 MEDIUM

The Mobile and Remote Access (MRA) services implementation in Cisco Unified Communications Manager mishandles edge-device identity validation, which allows remote attackers to bypass intended call-reception and call-setup restrictions by spoofing a user, aka Bug ID CSCuu97283.

EPSS 0.18% · 39.0th percentile

Risk Scores

CVSS 2.0

EPSS Score

0.18%

39.0th percentile

Affected Products

Vendor	Product	Versions
cisco	telepresence_video_communication_server_software	*
n/a	n/a	*

Exploit Intelligence

1034377 (circl)
78741 (circl)
20151209 Cisco Unified Communications Manager Mobile and Remote Access Services Identity Attack Vulnerability (cve.org)

Timeline

Dec 9, 2015 CVE Published
Feb 4, 2022 EPSS Score
Mar 29, 2022 EPSS Score
May 20, 2022 EPSS Score
Jul 12, 2022 EPSS Score
Sep 3, 2022 EPSS Score
Oct 26, 2022 EPSS Score
Dec 18, 2022 EPSS Score
Feb 8, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Apr 2, 2023 EPSS Score
May 25, 2023 EPSS Score

References

http://www.securitytracker.com/id/1034377 url
20151209 Cisco Unified Communications Manager Mobile and Remote Access Services Identity Attack Vulnerability vendor-advisory
78741 vdb
https://nvd.nist.gov/vuln/detail/CVE-2015-6410 advisory

Open in Interactive Console →