164 matches found
Cisco Expressway Gateway 11.5.1 Directory Traversal
Advisory: Directory Traversal in Cisco Expressway Gateway RedTeam Pentesting discovered a directory traversal vulnerability in Cisco Expressway which enables access to administrative web interfaces. Details ======= Product: Cisco Expressway Gateway Affected Versions: 11.5.1, possibly others Fixed...
CVE-2018-15617
A vulnerability in the "capro" Call Processor process component of Avaya Aura Communication Manager could allow a remote, unauthenticated user to cause denial of service. Affected versions include 6.3.x, all 7.x versions prior to 7.1.3.2, and all 8.x versions prior to 8.0.1...
Code injection
A vulnerability in the "capro" Call Processor process component of Avaya Aura Communication Manager could allow a remote, unauthenticated user to cause denial of service. Affected versions include 6.3.x, all 7.x versions prior to 7.1.3.2, and all 8.x versions prior to 8.0.1...
CVE-2018-15617
A vulnerability in the "capro" Call Processor process component of Avaya Aura Communication Manager could allow a remote, unauthenticated user to cause denial of service. Affected versions include 6.3.x, all 7.x versions prior to 7.1.3.2, and all 8.x versions prior to 8.0.1...
CVE-2018-15617 Communication Manager Denial of Service
A vulnerability in the "capro" Call Processor process component of Avaya Aura Communication Manager could allow a remote, unauthenticated user to cause denial of service. Affected versions include 6.3.x, all 7.x versions prior to 7.1.3.2, and all 8.x versions prior to 8.0.1...
CVE-2018-15617
The CVE-2018-15617 vulnerability affects Avaya Aura Communication Manager’s capro (Call Processor) component and could allow a remote, unauthenticated attacker to cause a denial of service. Affected software includes 6.3.x; all 7.x versions before 7.1.3.2; all 8.x versions before 8.0.1. The avail...
Avaya Aura Communication Manager Elevation of Privilege Vulnerability
Avaya Aura Communication Manager is an open and extensible IP telephony platform from Avaya, Inc. with built-in conferencing and contact center applications and support for a wide range of servers, gateways, and other IP-based communications devices. The platform has built-in conferencing and...
Design/Logic Flaw
A vulnerability in the local system administration component of Avaya Aura Communication Manager can allow an authenticated, privileged user on the local system to gain root privileges. Affected versions include 6.3.x and all 7.x version prior to 7.1.3.1...
CVE-2018-15611
A vulnerability in the local system administration component of Avaya Aura Communication Manager can allow an authenticated, privileged user on the local system to gain root privileges. Affected versions include 6.3.x and all 7.x version prior to 7.1.3.1...
CVE-2018-15611
A vulnerability in the local system administration component of Avaya Aura Communication Manager can allow an authenticated, privileged user on the local system to gain root privileges. Affected versions include 6.3.x and all 7.x version prior to 7.1.3.1...
CVE-2018-15611
CVE-2018-15611 describes an elevation-of-privilege vulnerability in the Avaya Aura Communication Manager’s local system administration component. An authenticated, privileged local user can gain root privileges on affected systems. Affected versions include 6.3.x and all 7.x releases before 7.1.3...
CVE-2018-15611 Communication Manager Local Administrator PrivEsc
A vulnerability in the local system administration component of Avaya Aura Communication Manager can allow an authenticated, privileged user on the local system to gain root privileges. Affected versions include 6.3.x and all 7.x version prior to 7.1.3.1...
CVE-2016-6472
A vulnerability in several parameters of the ccmivr page of Cisco Unified Communication Manager CallManager could allow an unauthenticated, remote attacker to launch a cross-site scripting XSS attack against a user of the web interface on the affected system. More Information: CSCvb37121. Known...
Cross site scripting
A vulnerability in several parameters of the ccmivr page of Cisco Unified Communication Manager CallManager could allow an unauthenticated, remote attacker to launch a cross-site scripting XSS attack against a user of the web interface on the affected system. More Information: CSCvb37121. Known...
CVE-2016-6472
Cisco Unified Communications Manager (CUCM) Web Interface Cross-Site Scripting (CVE-2016-6472) exists in the ccmivr page and can be triggered by unauthenticated remote attackers via parameters, leading to script execution in a user’s browser. Affected release visible in initial data: 11.5(1.2); K...
CVE-2016-6472
A vulnerability in several parameters of the ccmivr page of Cisco Unified Communication Manager CallManager could allow an unauthenticated, remote attacker to launch a cross-site scripting XSS attack against a user of the web interface on the affected system. More Information: CSCvb37121. Known...
SAP NetWeaver AS JAVA Internet Communication Manager Component Denial of Service Vulnerability
SAP NetWeaver is a service-oriented, integrated application platform from SAP that provides a development and runtime environment for SAP applications. SAP NetWeaver AS Application Server Java is an application server that runs in NetWeaver and is based on the Java programming language. Internet...
CVE-2016-3979
Internet Communication Manager aka ICMAN or ICM in SAP JAVA AS 7.2 through 7.4 allows remote attackers to cause a denial of service heap memory corruption and process crash via a crafted HTTP request, related to the IctParseCookies function, aka SAP Security Note 2256185...
Code injection
Unspecified vulnerability in SAP Internet Communication Manager ICM, as used in SAP NetWeaver 7.02 and 7.3, allows remote attackers to cause a denial of service process termination via unknown vectors...
CVE-2014-8591
The CVE-2014-8591 entry concerns SAP Internet Communication Manager (ICM) as used in SAP NetWeaver 7.02 and 7.3. The vulnerability is described as an unspecified remote denial-of-service that causes process termination via unknown vectors. The available documents confirm the affected software ver...