CVE-2021-1362 – A vulnerability in the SOAP API endpoint of Cisco Unified Communications Manager, Cisco Un …

8 April 2021

Vuln ID: CVE-2021-1362

Published: 2021-04-08 04:15:12Z

Description: A vulnerability in the SOAP API endpoint of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, Cisco Unity Connection, and Cisco Prime License Manager could allow an authenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to improper sanitization of user-supplied input. An attacker could exploit this vulnerability by sending a SOAP API request with crafted parameters to an affected device. A successful exploit could allow the attacker to execute arbitrary code with root privileges on the underlying Linux operating system of the affected device.

Source: NVD.NIST.GOV

Date:

8 April 2021

Categorie(s):

NVD

Tag(s):

NVD

Quishing Attacks Jump Tenfold, Attachment Payloads Halve18 April 2024
Kaspersky Study: Devices Infected With Data-Stealing Malware Increased by 7 Times Since 202018 April 2024
Apple wants to improve the carbon offset market18 April 2024
OpenSSF Warns of Open-Source Social Engineering Threats18 April 2024
Russia’s Sandworm Upgraded to APT44 by Google’s Mandiant18 April 2024