267 matches found
Design/Logic Flaw
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenticated, local attacker to view sensitive data that should be restricted. This could include LDAP credentials. The vulnerability is due to insufficient protection of database tables over the web...
CVE-2018-0266
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenticated, remote attacker to view sensitive data. The vulnerability is due to insufficient protection of database tables over the web interface. An attacker could exploit this vulnerability by browsin...
CVE-2018-0266
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenticated, remote attacker to view sensitive data. The vulnerability is due to insufficient protection of database tables over the web interface. An attacker could exploit this vulnerability by browsin...
CVE-2018-0266
Cisco Unified Communications Manager (CUCM) web framework suffers an information-disclosure vulnerability due to insufficient protection of database tables exposed over the web interface. An authenticated, remote attacker can view configuration parameters by visiting a specific URL. Affected prod...
CVE-2018-0267
CVE-2018-0267 affects Cisco Unified Communications Manager (CUCM) Web framework. The issue is an information-disclosure vulnerability where an authenticated, local attacker can view restricted data due to insufficient protection of database tables via the web interface. An attacker could exploit ...
CVE-2018-0267
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenticated, local attacker to view sensitive data that should be restricted. This could include LDAP credentials. The vulnerability is due to insufficient protection of database tables over the web...
Cisco Unified Communications Manager LDAP Information Disclosure Vulnerability
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenticated, local attacker to view sensitive data that should be restricted. This could include LDAP credentials. The vulnerability is due to insufficient protection of database tables over the web...
Cisco Unified Communications Manager HTTP Interface Information Disclosure Vulnerability
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenticated, remote attacker to view sensitive data. The vulnerability is due to insufficient protection of database tables over the web interface. An attacker could exploit this vulnerability by browsin...
CVE-2018-0198
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to view sensitive data. The vulnerability is due to insufficient protection of database tables. An attacker could exploit this vulnerability by browsing to a specific URL. ...
Design/Logic Flaw
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to view sensitive data. The vulnerability is due to insufficient protection of database tables. An attacker could exploit this vulnerability by browsing to a specific URL. ...
CVE-2018-0198
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to view sensitive data. The vulnerability is due to insufficient protection of database tables. An attacker could exploit this vulnerability by browsing to a specific URL. ...
Cisco Unified Communications Manager Information Disclosure Vulnerability
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to view sensitive data. The vulnerability is due to insufficient protection of database tables. An attacker could exploit this vulnerability by browsing to a specific URL. ...
CVE-2018-0105
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to view sensitive data. The vulnerability is due to insufficient protection of database tables. An attacker could exploit this vulnerability by browsing to a specific URL. ...
Design/Logic Flaw
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to view sensitive data. The vulnerability is due to insufficient protection of database tables. An attacker could exploit this vulnerability by browsing to a specific URL. ...
CVE-2018-0105
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to view sensitive data. The vulnerability is due to insufficient protection of database tables. An attacker could exploit this vulnerability by browsing to a specific URL. ...
CVE-2018-0105
The CVE-2018-0105 entry describes an information-disclosure flaw in the web framework of Cisco Unified Communications Manager (CUCM). The root cause is insufficient protection of database tables, allowing an unauthenticated, remote attacker to view data by visiting a specific URL. Affected compon...
CVE-2018-0105
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to view sensitive data. The vulnerability is due to insufficient protection of database tables. An attacker could exploit this vulnerability by browsing to a specific URL. ...
Cisco Enterprise License Manager Information Disclosure Vulnerability
A vulnerability in the web framework of Cisco Enterprise License Manager could allow an unauthenticated, remote attacker to view sensitive data. The vulnerability is due to insufficient protection of database tables. An attacker could exploit this vulnerability by browsing to a specific URL. An...
Cisco Unified Communications Manager Information Disclosure Vulnerability
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to view sensitive data. The vulnerability is due to insufficient protection of database tables. An attacker could exploit this vulnerability by browsing to a specific URL. ...
CVE-2017-12364
A SQL Injection vulnerability in the web framework of Cisco Prime Service Catalog could allow an unauthenticated, remote attacker to execute unauthorized Structured Query Language SQL queries. The vulnerability is due to a failure to validate user-supplied input that is used in SQL queries. An...