{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T21:08:42.545","vulnerabilities":[{"cve":{"id":"CVE-2021-1406","sourceIdentifier":"psirt@cisco.com","published":"2021-04-08T04:15:12.593","lastModified":"2024-11-21T05:44:16.997","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability is due to improper inclusion of sensitive information in downloadable files. An attacker could exploit this vulnerability by authenticating to an affected device and issuing a specific set of commands. A successful exploit could allow the attacker to obtain hashed credentials of system users. To exploit this vulnerability an attacker would need to have valid user credentials with elevated privileges."},{"lang":"es","value":"Una vulnerabilidad en Cisco Unified Communications Manager (Unified CM) y Cisco Unified Communications Manager Session Management Edition (Unified CM SME), podría permitir a un atacante remoto autenticado acceder a información confidencial en un dispositivo afectado.&#xa0;La vulnerabilidad es debido a una inclusión inapropiada de información confidencial en archivos descargables.&#xa0;Un atacante podría explotar esta vulnerabilidad al autenticarse en un dispositivo afectado y emitir un ajuste específico de comandos.&#xa0;Una explotación con éxito podría permitir al atacante obtener credenciales hash de los usuarios del sistema.&#xa0;Para explotar esta vulnerabilidad, un atacante necesitaría tener credenciales de usuario válidas con privilegios elevados"}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:N/A:N","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-538"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:10.5\\(2\\):*:*:*:-:*:*:*","matchCriteriaId":"6781FEB3-73CF-451E-A373-19657DE750FE"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:10.5\\(2\\):*:*:*:session_management:*:*:*","matchCriteriaId":"37F53ABC-C019-4BBB-8881-395F286EA43F"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:10.5\\(2\\)su1:*:*:*:-:*:*:*","matchCriteriaId":"8E10EACB-885B-4FB1-89D7-1038336B997B"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:10.5\\(2\\)su1:*:*:*:session_management:*:*:*","matchCriteriaId":"4277C3ED-77E5-4BBD-867E-0E5AD26CABDB"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:10.5\\(2\\)su2:*:*:*:-:*:*:*","matchCriteriaId":"00B8DC04-D9B0-432A-B9B9-5E3A9428528B"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:10.5\\(2\\)su2:*:*:*:session_management:*:*:*","matchCriteriaId":"785CD3D7-9967-4F4E-A76A-66F514BB8D46"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:10.5\\(2\\)su2a:*:*:*:-:*:*:*","matchCriteriaId":"9F72E5FC-0459-4366-8D47-93306F25D31D"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:10.5\\(2\\)su2a:*:*:*:session_management:*:*:*","matchCriteriaId":"F9C6D49F-954B-4057-A51A-6ED1304EEC68"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:10.5\\(2\\)su3:*:*:*:-:*:*:*","matchCriteriaId":"8FD488BB-6EB2-4084-B9C3-23E41D1FE0DD"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:10.5\\(2\\)su3:*:*:*:session_management:*:*:*","matchCriteriaId":"3225F4E8-4D2E-40EC-9BC0-799D34AB9C5C"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:10.5\\(2\\)su3a:*:*:*:-:*:*:*","matchCriteriaId":"32ADCDE2-5069-472A-96FB-20A62337DDE2"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:10.5\\(2\\)su3a:*:*:*:session_management:*:*:*","matchCriteriaId":"57633170-0285-4C0E-A58F-AF970B97F24C"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:10.5\\(2\\)su4:*:*:*:-:*:*:*","matchCriteriaId":"100A3B73-B286-4358-A829-7AFBE685F9E4"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:10.5\\(2\\)su4:*:*:*:session_management:*:*:*","matchCriteriaId":"9262E014-86BE-41B5-827B-297157796107"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:10.5\\(2\\)su4a:*:*:*:-:*:*:*","matchCriteriaId":"12D7018F-A242-49E2-9A2D-663EA34F6B4E"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:10.5\\(2\\)su4a:*:*:*:session_management:*:*:*","matchCriteriaId":"A987F37B-3705-4A99-BD79-0575A5882A7C"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:10.5\\(2\\)su5:*:*:*:*:*:*:*","matchCriteriaId":"D7E3D8BF-B5A3-4857-94B7-3BDA59BD9BD0"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:10.5\\(2\\)su6:*:*:*:-:*:*:*","matchCriteriaId":"9C36CC93-51D2-4856-860F-4DE90721B5EF"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:10.5\\(2\\)su6:*:*:*:session_management:*:*:*","matchCriteriaId":"0BC9CF9C-653E-45AF-8C15-E0D6052938B3"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:10.5\\(2\\)su6a:*:*:*:-:*:*:*","matchCriteriaId":"2C76AE40-E203-4206-AA54-D1B47EFBBFCE"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:10.5\\(2\\)su6a:*:*:*:session_management:*:*:*","matchCriteriaId":"0C51FA8B-D576-4174-947E-37DA5954B372"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:10.5\\(2\\)su7:*:*:*:-:*:*:*","matchCriteriaId":"A5677040-8E71-43A7-A5AB-389A2446FBB5"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:10.5\\(2\\)su7:*:*:*:session_management:*:*:*","matchCriteriaId":"95D7060A-A44C-41F7-8F16-D6D066FA9E40"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:10.5\\(2\\)su8:*:*:*:-:*:*:*","matchCriteriaId":"D2C99CC1-D20B-483D-83B2-C5A5654170D0"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:10.5\\(2\\)su8:*:*:*:session_management:*:*:*","matchCriteriaId":"C4CE477A-3796-4EF9-9158-E96A6058C208"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:10.5\\(2\\)su9:*:*:*:-:*:*:*","matchCriteriaId":"D0D0CC2A-4C22-440B-890C-C123562D3744"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:10.5\\(2\\)su9:*:*:*:session_management:*:*:*","matchCriteriaId":"F4558E9D-6144-4DD3-8131-D46DF5E066E8"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:10.5\\(2\\)su10:*:*:*:-:*:*:*","matchCriteriaId":"24016D28-5B31-4A92-806B-36AC44CC4476"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:10.5\\(2\\)su10:*:*:*:session_management:*:*:*","matchCriteriaId":"0338F894-23F2-4063-AF30-A094F06BF0C0"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\):*:*:*:-:*:*:*","matchCriteriaId":"7E958AFF-185D-4D55-B74B-485BEAEC42FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\):*:*:*:session_management:*:*:*","matchCriteriaId":"F770709C-FFB2-4A4E-A2D8-2EAA23F2E87C"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\)su1:*:*:*:-:*:*:*","matchCriteriaId":"9938A5E6-0A2E-46C3-B347-EA63304A8511"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\)su1:*:*:*:session_management:*:*:*","matchCriteriaId":"AC3A6965-5989-47B1-BF13-F6D306BCE412"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\)su2:*:*:*:-:*:*:*","matchCriteriaId":"0E572C74-117F-455B-8A5D-14E3A363F087"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\)su2:*:*:*:session_management:*:*:*","matchCriteriaId":"641F8DC2-0595-41B5-B154-9CAB37B7E5F7"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\)su3:*:*:*:-:*:*:*","matchCriteriaId":"319DA981-B200-409F-94D1-0808E0555F53"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\)su3:*:*:*:session_management:*:*:*","matchCriteriaId":"81F945BC-7A46-48F8-B709-67692CF62C9A"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\)su4:*:*:*:-:*:*:*","matchCriteriaId":"841C7F5B-29F6-441C-8F02-DBCE8D1CD160"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\)su4:*:*:*:session_management:*:*:*","matchCriteriaId":"C8D79377-AEA4-4F7D-931C-7938F2E72108"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\)su5:*:*:*:-:*:*:*","matchCriteriaId":"0FC7FF7F-4870-4F68-B883-40AF4EAB8D15"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\)su5:*:*:*:session_management:*:*:*","matchCriteriaId":"7BD8C20B-2C1E-422D-87C0-D478F4A3CFE9"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\)su7:*:*:*:-:*:*:*","matchCriteriaId":"BB663114-EC3F-4E9F-888D-5E4298C6F832"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\)su7:*:*:*:session_management:*:*:*","matchCriteriaId":"430E4021-05BF-4E41-B197-BE2EEF8A8B76"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\)su8:*:*:*:-:*:*:*","matchCriteriaId":"1E6135D4-FA64-425B-BE91-174D38B5DBDD"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\)su8:*:*:*:session_management:*:*:*","matchCriteriaId":"3912C8CB-01BF-4627-8960-E83F015115C8"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\)su9:*:*:*:-:*:*:*","matchCriteriaId":"7E0BC7A5-8DED-49FA-AC67-55FD5082876B"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\)su9:*:*:*:session_management:*:*:*","matchCriteriaId":"075DF8B4-1651-46A4-8FE6-BEDC264E871A"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:12.0\\(1\\):*:*:*:-:*:*:*","matchCriteriaId":"F2742FD5-CE1D-4FDC-818F-125600015BDF"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:12.0\\(1\\):*:*:*:session_management:*:*:*","matchCriteriaId":"EA9B0067-9B0E-4DF3-B443-C8C9C48B3957"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:12.5\\(1\\):*:*:*:-:*:*:*","matchCriteriaId":"0F4F8482-029A-4A84-97F1-9EDEDCE42C6B"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:12.5\\(1\\):*:*:*:session_management:*:*:*","matchCriteriaId":"EB810DDE-18A0-4168-8EC1-726DA62453E8"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:12.5\\(1\\)su1:*:*:*:-:*:*:*","matchCriteriaId":"616BEDFF-EB9A-4ADE-A672-B2E709DC844B"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:12.5\\(1\\)su1:*:*:*:session_management:*:*:*","matchCriteriaId":"628A15DE-7852-4D4F-9D8B-A20A841708CB"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:12.5\\(1\\)su2:*:*:*:-:*:*:*","matchCriteriaId":"E077A144-3D5E-4984-8F2B-6A69C5ED3EE6"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:12.5\\(1\\)su2:*:*:*:session_management:*:*:*","matchCriteriaId":"25D5286C-249E-480A-88F9-0A573737297A"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:12.5\\(1\\)su3:*:*:*:-:*:*:*","matchCriteriaId":"6353BE27-91F0-4E8B-89A3-30EC189798F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:12.5\\(1\\)su3:*:*:*:session_management:*:*:*","matchCriteriaId":"B4057BD8-B5C0-4A61-8AD7-8E59F351AF8B"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:12.5\\(1\\)su4:*:*:*:-:*:*:*","matchCriteriaId":"F1FAF361-CEE8-4F75-B444-CFFB8A7D9AFE"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:12.5\\(1\\)su4:*:*:*:session_management:*:*:*","matchCriteriaId":"15292BC9-7129-4BCF-BAED-E8EBDC27AFA4"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:12.5\\(1\\)su5:*:*:*:-:*:*:*","matchCriteriaId":"387C66C7-42D7-4794-898C-85A098189BAA"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_communications_manager:12.5\\(1\\)su5:*:*:*:session_management:*:*:*","matchCriteriaId":"BC19BCD4-4E59-4B5A-936F-AF3F31315BA3"}]}]}],"references":[{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-inf-disc-wCxZNjL2","source":"psirt@cisco.com","tags":["Vendor Advisory"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-inf-disc-wCxZNjL2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}