Lucene search
+L

267 matches found

Prion
Prion
added 2018/04/19 8:29 p.m.21 views

Design/Logic Flaw

A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenticated, local attacker to view sensitive data that should be restricted. This could include LDAP credentials. The vulnerability is due to insufficient protection of database tables over the web...

2.1CVSS6.2AI score0.00364EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2018/04/19 8:0 p.m.27 views

CVE-2018-0266

A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenticated, remote attacker to view sensitive data. The vulnerability is due to insufficient protection of database tables over the web interface. An attacker could exploit this vulnerability by browsin...

4.5AI score0.01756EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2018/04/19 8:0 p.m.7 views

CVE-2018-0266

A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenticated, remote attacker to view sensitive data. The vulnerability is due to insufficient protection of database tables over the web interface. An attacker could exploit this vulnerability by browsin...

6.6AI score0.01756EPSS
Exploits0References3
CVE
CVE
added 2018/04/19 8:0 p.m.59 views

CVE-2018-0266

Cisco Unified Communications Manager (CUCM) web framework suffers an information-disclosure vulnerability due to insufficient protection of database tables exposed over the web interface. An authenticated, remote attacker can view configuration parameters by visiting a specific URL. Affected prod...

4.3CVSS4.5AI score0.01756EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2018/04/19 8:0 p.m.74 views

CVE-2018-0267

CVE-2018-0267 affects Cisco Unified Communications Manager (CUCM) Web framework. The issue is an information-disclosure vulnerability where an authenticated, local attacker can view restricted data due to insufficient protection of database tables via the web interface. An attacker could exploit ...

6.5CVSS6.2AI score0.00364EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2018/04/19 8:0 p.m.10 views

CVE-2018-0267

A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenticated, local attacker to view sensitive data that should be restricted. This could include LDAP credentials. The vulnerability is due to insufficient protection of database tables over the web...

6.2AI score0.00364EPSS
Exploits0References3
Cisco
Cisco
added 2018/04/18 4:0 p.m.68 views

Cisco Unified Communications Manager LDAP Information Disclosure Vulnerability

A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenticated, local attacker to view sensitive data that should be restricted. This could include LDAP credentials. The vulnerability is due to insufficient protection of database tables over the web...

5.5CVSS0.9AI score0.00364EPSS
Exploits0References1
Cisco
Cisco
added 2018/04/18 4:0 p.m.50 views

Cisco Unified Communications Manager HTTP Interface Information Disclosure Vulnerability

A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenticated, remote attacker to view sensitive data. The vulnerability is due to insufficient protection of database tables over the web interface. An attacker could exploit this vulnerability by browsin...

5.4CVSS1AI score0.01756EPSS
Exploits0References1
NVD
NVD
added 2018/03/27 9:29 a.m.20 views

CVE-2018-0198

A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to view sensitive data. The vulnerability is due to insufficient protection of database tables. An attacker could exploit this vulnerability by browsing to a specific URL. ...

5.3CVSS5.3AI score0.01786EPSS
Exploits0References3
Prion
Prion
added 2018/03/27 9:29 a.m.15 views

Design/Logic Flaw

A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to view sensitive data. The vulnerability is due to insufficient protection of database tables. An attacker could exploit this vulnerability by browsing to a specific URL. ...

5CVSS5.2AI score0.01786EPSS
Exploits0References3
Cvelist
Cvelist
added 2018/03/27 9:0 a.m.20 views

CVE-2018-0198

A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to view sensitive data. The vulnerability is due to insufficient protection of database tables. An attacker could exploit this vulnerability by browsing to a specific URL. ...

5.3AI score0.01786EPSS
Exploits0References3
Cisco
Cisco
added 2018/02/07 4:0 p.m.37 views

Cisco Unified Communications Manager Information Disclosure Vulnerability

A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to view sensitive data. The vulnerability is due to insufficient protection of database tables. An attacker could exploit this vulnerability by browsing to a specific URL. ...

6.5CVSS1.7AI score0.01786EPSS
Exploits0References1
NVD
NVD
added 2018/01/18 6:29 a.m.20 views

CVE-2018-0105

A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to view sensitive data. The vulnerability is due to insufficient protection of database tables. An attacker could exploit this vulnerability by browsing to a specific URL. ...

5.3CVSS5.3AI score0.01739EPSS
Exploits0References3
Prion
Prion
added 2018/01/18 6:29 a.m.13 views

Design/Logic Flaw

A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to view sensitive data. The vulnerability is due to insufficient protection of database tables. An attacker could exploit this vulnerability by browsing to a specific URL. ...

5CVSS5.2AI score0.01739EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2018/01/18 6:0 a.m.7 views

CVE-2018-0105

A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to view sensitive data. The vulnerability is due to insufficient protection of database tables. An attacker could exploit this vulnerability by browsing to a specific URL. ...

6.7AI score0.01739EPSS
Exploits0References3
CVE
CVE
added 2018/01/18 6:0 a.m.64 views

CVE-2018-0105

The CVE-2018-0105 entry describes an information-disclosure flaw in the web framework of Cisco Unified Communications Manager (CUCM). The root cause is insufficient protection of database tables, allowing an unauthenticated, remote attacker to view data by visiting a specific URL. Affected compon...

5.3CVSS5.2AI score0.01739EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2018/01/18 6:0 a.m.26 views

CVE-2018-0105

A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to view sensitive data. The vulnerability is due to insufficient protection of database tables. An attacker could exploit this vulnerability by browsing to a specific URL. ...

5.3AI score0.01739EPSS
Exploits0References3
Cisco
Cisco
added 2018/01/17 4:0 p.m.45 views

Cisco Enterprise License Manager Information Disclosure Vulnerability

A vulnerability in the web framework of Cisco Enterprise License Manager could allow an unauthenticated, remote attacker to view sensitive data. The vulnerability is due to insufficient protection of database tables. An attacker could exploit this vulnerability by browsing to a specific URL. An...

6.5CVSS1.5AI score0.01739EPSS
Exploits0References1
Cisco
Cisco
added 2018/01/17 4:0 p.m.57 views

Cisco Unified Communications Manager Information Disclosure Vulnerability

A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to view sensitive data. The vulnerability is due to insufficient protection of database tables. An attacker could exploit this vulnerability by browsing to a specific URL. ...

6.5CVSS5.3AI score0.01739EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2017/11/30 9:29 a.m.17 views

CVE-2017-12364

A SQL Injection vulnerability in the web framework of Cisco Prime Service Catalog could allow an unauthenticated, remote attacker to execute unauthorized Structured Query Language SQL queries. The vulnerability is due to a failure to validate user-supplied input that is used in SQL queries. An...

6.5CVSS6.9AI score0.01301EPSS
Exploits0References3
Rows per page
Query Builder