Unrated severityNVD Advisory· Published Jun 26, 2015· Updated May 6, 2026

CVE-2015-4221

Description

Cisco Unified Communications Manager IM and Presence Service 9.1(1) does not properly restrict access to encrypted passwords, which allows remote attackers to determine cleartext passwords, and consequently execute arbitrary commands, by visiting an unspecified web page and then conducting a decryption attack, aka Bug ID CSCuq46194.

Affected products

Cisco Systems, Inc./Unified Communications Manager Im And Presence Service
cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:9.1\(1\):*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

tools.cisco.com/security/center/viewAlert.xnvdVendor Advisory
www.securityfocus.com/bid/75401nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1032716nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000