CVE-2015-4221

CVE Database · CVE-2015-4221

CVE-2015-4221

· N/AModified

CVSS v3.1

N/A

EPSS

2.33%

Published

Jun 26, 2015

Modified

May 6, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Cisco Unified Communications Manager IM and Presence Service 9.1(1) does not properly restrict access to encrypted passwords, which allows remote attackers to determine cleartext passwords, and consequently execute arbitrary commands, by visiting an unspecified web page and then conducting a decryption attack, aka Bug ID CSCuq46194.

Weaknesses (CWE)

CWE-264

Affected Products (1)

cisco · unified_communications_manager_im_and_presence_servicevulnerable

References (6)

http://tools.cisco.com/security/center/viewAlert.x?alertId=39505

Vendor Advisory

http://www.securityfocus.com/bid/75401

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1032716

Third Party AdvisoryVDB Entry

http://tools.cisco.com/security/center/viewAlert.x?alertId=39505

Vendor Advisory

http://www.securityfocus.com/bid/75401

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1032716

Third Party Advisory

KEV Catalog EPSS Scores Vendors All CVEs