High severity7.5NVD Advisory· Published Dec 14, 2016· Updated May 6, 2026

CVE-2016-6464

Description

A vulnerability in the web management interface of the Cisco Unified Communications Manager IM and Presence Service could allow an unauthenticated, remote attacker to view information on web pages that should be restricted. More Information: CSCva49629. Known Affected Releases: 11.5(1). Known Fixed Releases: 11.5(1.12000.2) 12.0(0.98000.181).

Affected products

N/a/Cisco Unified Communications Managerv5
Range: Cisco Unified Communications Manager
Cisco Systems, Inc./Unified Communications Manager Im And Presence Service4 versions
cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:10.5\(1\):*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:10.5\(1\):*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:10.5\(2\):*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:11.0\(1\):*:*:*:*:*:*:*
- cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:11.5\(1\):*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/94802nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1037412nvdThird Party AdvisoryVDB Entry
tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-ucmnvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.488
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000