CVE-2008-1154
Last modified
CVE-2008-1154 is a vulnerability of currently unknown severity. The Disaster Recovery Framework (DRF) master server in Cisco Unified Communications products, including Unified Communications Manager (CUCM) 5.x and 6.x, Unified Presence 1.x and 6.x, Emergency Responder 2.x, and Mobility Manager 2.x, does not require authentication for requests received from the network, which allows remote attackers to execute arbitrary code via unspecified vectors.. EPSS estimates a 5.14% chance of exploitation in the next 30 days.
Description
The Disaster Recovery Framework (DRF) master server in Cisco Unified Communications products, including Unified Communications Manager (CUCM) 5.x and 6.x, Unified Presence 1.x and 6.x, Emergency Responder 2.x, and Mobility Manager 2.x, does not require authentication for requests received from the network, which allows remote attackers to execute arbitrary code via unspecified vectors.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Emergency Responder | 2.0 |
| Cisco | Mobility Manager | 2.0 |
| Cisco | Unified Communications Manager | 5.0 |
| Cisco | Unified Communications Manager | 5.1 |
| Cisco | Unified Communications Manager | 6.0 |
| Cisco | Unified Communications Manager | 6.1 |
| Cisco | Unified Presence | 1.0 |
| Cisco | Unified Presence | 6.0 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2008-1154?
How severe is CVE-2008-1154?
How do I fix CVE-2008-1154?
Are you affected by CVE-2008-1154?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST