Lucene search
K

8 matches found

OSV
OSV
added 2022/08/10 9:15 a.m.4 views

CVE-2022-20816

A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an authenticated, remote attacker to delete arbitrary files from an affected system. This...

8.1CVSS5.9AI score0.0109EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/05/06 12:42 p.m.31 views

CVE-2021-1363 Cisco Unified Communications Manager IM & Presence Service SQL Injection Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager IM & Presence Service could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. These vulnerabilities are due to improper validation of user-submitted...

7.1CVSS8.6AI score0.01081EPSS
Exploits0References1
OSV
OSV
added 2018/05/17 3:29 a.m.2 views

CVE-2018-0328

A vulnerability in the web framework of Cisco Unified Communications Manager and Cisco Unified Presence could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface of an affected system. The vulnerability is due to insufficient...

6.1CVSS6AI score0.01818EPSS
Exploits0References4
CNVD
CNVD
added 2018/02/22 12:0 a.m.3 views

Cisco Unified Communications Manager Cross-Site Scripting Vulnerability (CNVD-2018-05344)

Cisco Unified Communications Manager CUCM, Unified CM, CallManager is a call-processing component of a unified communications system from Cisco. The component provides a scalable, distributable and highly available enterprise IP telephony call processing solution. A cross-site scripting...

6.1CVSS6.7AI score0.01244EPSS
Exploits0References1
CNVD
CNVD
added 2017/01/25 12:0 a.m.4 views

Cisco Unified Communications Manager Cross-Site Scripting Vulnerability (CNVD-2017-01082)

Cisco Unified Communications Manager is a call processing component of a Cisco IP telephony solution. A cross-site scripting vulnerability exists in Cisco Unified Communications Manager that stems from a failure to validate user input. An attacker could use this vulnerability to execute arbitrary...

6.1CVSS6.8AI score0.01228EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.5 views

The vulnerability of the Cisco Unified Communications Manager software allows a malicious actor to execute arbitrary code.

The vulnerability exists in the function dtls1reassemblefragment in d1both.c in OpenSSL, due to an improper check of the length of fragments in DTLS ClientHello messages. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service failure buffer overflow an...

10CVSS7.5AI score0.99977EPSS
Exploits4References12Affected Software1
CNVD
CNVD
added 2016/01/11 12:0 a.m.4 views

Cisco Unified Communications Manager SQL Injection Vulnerability

Cisco Unified Communications Manager is an enterprise-class IP telephony call processing system. A security vulnerability exists in Cisco Unified Communications Manager 11.0 0.98000.225 that does not validate user input within a SQL query. An attacker sending a URL containing an SQL statement cou...

6.5CVSS7.8AI score0.01208EPSS
Exploits0References1
Cisco
Cisco
added 2009/03/11 4:0 p.m.27 views

Cisco Unified Communications Manager IP Phone Personal Address Book Synchronizer Privilege Escalation Vulnerability

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

9CVSS6.1AI score0.03025EPSS
Exploits0References1
Rows per page
Query Builder