Cisco Unified Communications Manager (CUCM), formerly Cisco CallManager, contains a denial of service (DoS) vulnerability in the Computer Telephony Integration (CTI) Manager service that may cause an interruption in voice services and an authentication bypass vulnerability inthe Real-Time Information Server (RIS) Data Collector that may expose information that is useful for reconnaissance. The risk is LOW. Successful exploitation of the vulnerabilities in this advisory may result in the interruption of voice services or disclosure of information useful for reconnaissance.
More...