CVE-2016-1319

Low

Low Medium High Critical

CVSS Score

Published: Feb 09, 2016

Last Modified: Apr 12, 2025

Vulnerability Description

Cisco Unified Communications Manager (aka CallManager) 9.1(2.10000.28), 10.5(2.10000.5), 10.5(2.12901.1), and 11.0(1.10000.10); Unified Communications Manager IM & Presence Service 10.5(2); Unified Contact Center Express 11.0(1); and Unity Connection 10.5(2) store a cleartext encryption key, which allows local users to obtain sensitive information via unspecified vectors, aka Bug ID CSCuv85958.

Known Affected Software

3 configuration(s) from 3 vendor(s)

x14j_firmware

Version:

t-ms14jakucb-1102.5

CPE:

cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5:*:*:*:*:*:*:*

opensolaris

Version:

snv_124

CPE:

cpe:2.3:o:sun:opensolaris:snv_124:*:*:*:*:*:*:*

keymouse_firmware

Version:

3.08

CPE:

cpe:2.3:o:zzinc:keymouse_firmware:3.08:*:*:*:*:windows:*:*

This vulnerability affects 3 software configuration(s). Ensure you patch all affected systems.

References & Resources

Severity Details

out of 10.0

Low

Weakness Type (CWE)

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

Description: The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
Exploit Likelihood: High
Typical Severity: Medium
Abstraction Level: Class