CVE-2015-6410 Information

Description

The Mobile and Remote Access (MRA) services implementation in Cisco Unified Communications Manager mishandles edge-device identity validation which allows remote attackers to bypass intended call-reception and call-setup restrictions by spoofing a user aka Bug ID CSCuu97283.

Reference

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151209-ucm http://www.securityfocus.com/bid/78741 http://www.securitytracker.com/id/1034377