1. Home
  2. CVE Database
  3. CVE-2013-6978
MEDIUM · 4.0

CVE-2013-6978

The disaster recovery system (DRS) component in Cisco Unified Communications Manager (UCM) 9.1(1) and earlier allows remote authenticated users to obtain sensitive device information by reading "extra...

Vulnerability Description

The disaster recovery system (DRS) component in Cisco Unified Communications Manager (UCM) 9.1(1) and earlier allows remote authenticated users to obtain sensitive device information by reading "extraneous information" in HTML source code, aka Bug ID CSCuj39249.

CVSS Score

4.0

MEDIUM

AV:N/AC:L/Au:S/C:P/I:N/A:N
Confidentiality
PARTIAL
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
CiscoUnified Communications Manager<= 9.1\(1\)

Related Weaknesses (CWE)

CWE-200

References

FAQ

What is CVE-2013-6978?

CVE-2013-6978 is a vulnerability with a CVSS score of 4.0 (MEDIUM). The disaster recovery system (DRS) component in Cisco Unified Communications Manager (UCM) 9.1(1) and earlier allows remote authenticated users to obtain sensitive device information by reading "extra...

How severe is CVE-2013-6978?

CVE-2013-6978 has been rated MEDIUM with a CVSS base score of 4.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2013-6978?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Unified Communications Manager.