CVE-2009-0632

critical Cisco
CVSS v3 Base Score
9.0
AV:N/AC:L/Au:S/C:C/I:C/A:C
EPSS Score
1.3%
Exploitation probability in 30 days
Top 20% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Confidentiality
C
Integrity
C
Availability
C
Published: March 12, 2009 (6271 days ago)
Last Modified: April 23, 2026
Vendor: Cisco
Source: NVD

Description

The IP Phone Personal Address Book (PAB) Synchronizer feature in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.1, 4.2 before 4.2(3)SR4b, 4.3 before 4.3(2)SR1b, 5.x before 5.1(3e), 6.x before 6.1(3), and 7.0 before 7.0(2) sends privileged directory-service account credentials to the client in cleartext, which allows remote attackers to modify the CUCM configuration and perform other privileged actions by intercepting these credentials, and then using them in requests unrelated to the intended synchronization task, as demonstrated by (1) DC Directory account credentials in CUCM 4.x and (2) TabSyncSysUser account credentials in CUCM 5.x through 7.x.

CWE

CWE-255

Affected Products

cisco unified communications manager

References

🔗 osvdb.org 🔗 secunia.com 🔗 www.cisco.com 🔗 www.cisco.com 🔗 www.securityfocus.com