MeetingTime in Cisco Unified MeetingPlace 6 before MR5, and possibly 5, allows remote attackers to discover usernames, passwords, and unspecified other data from the user database via a modified authentication sequence to the Audio Server, aka Bug ID CSCsv76935.
Cisco Security Advisory - Multiple vulnerabilities exist in Cisco Unified MeetingPlace. These range from insufficient validation of SQL commands to privilege escalation.