19 matches found
EUVD-2013-3407
Malware in sbrugna...
EUVD-2013-6490
Malware in sbrugna...
EUVD-2014-0764
Malware in sbrugna...
Vulnerability fixed in Mitel MiContact Center
Mitel has fixed a vulnerability in MiContact Center. The vulnerability allows an authenticated malicious party with access to the Enterprise License Manager portal is able to obtain system data obtain. Mitel has released updates to fix the vulnerability. More information can be found on the page...
CVE-2021-26714
The Enterprise License Manager portal in Mitel MiContact Center Enterprise before 9.4 could allow a user to access restricted files and folders due to insufficient access control. A successful exploit could allow an attacker to view and modify application data via Directory Traversal...
Directory traversal
The Enterprise License Manager portal in Mitel MiContact Center Enterprise before 9.4 could allow a user to access restricted files and folders due to insufficient access control. A successful exploit could allow an attacker to view and modify application data via Directory Traversal...
CVE-2021-26714
The Enterprise License Manager portal in Mitel MiContact Center Enterprise before 9.4 could allow a user to access restricted files and folders due to insufficient access control. A successful exploit could allow an attacker to view and modify application data via Directory Traversal...
CVE-2021-26714
The CVE-2021-26714 entry affects Mitel MiContact Center Enterprise’s Enterprise License Manager portal prior to version 9.4, where insufficient access control allows Directory Traversal to view/modify application data. The issue is confirmed by multiple sources (NVD entry, Red Hat advisory, and M...
Cisco Enterprise License Manager Information Disclosure Vulnerability
A vulnerability in the web framework of Cisco Enterprise License Manager could allow an unauthenticated, remote attacker to view sensitive data. The vulnerability is due to insufficient protection of database tables. An attacker could exploit this vulnerability by browsing to a specific URL. An...
CVE-2014-0733
The Enterprise License Manager ELM component in Cisco Unified Communications Manager Unified CM 10.01 and earlier does not properly enforce authentication requirements, which allows remote attackers to read ELM files via a direct request to a URL, aka Bug ID CSCum46494...
Cisco Unified Communications Manager Enterprise License Manager Information Disclosure Vulnerability
A vulnerability in the Enterprise License Manager ELM of Cisco Unified Communications Manager Cisco Unified CM could allow an unauthenticated, remote attacker to access underlying ELM files. The vulnerability is due to insufficient authentication enforcement. An attacker could exploit this...
Cisco WebEx Meetings Server Enterprise License Manager Administrative Password Disclosure Vulnerability
A vulnerability in the Cisco WebEx Meetings Server Enterprise License Manager web portal could allow an authenticated, remote attacker to view the administrative password for Cisco WebEx Meetings Server in clear text. The vulnerability is due to the inclusion of the Cisco WebEx Meetings Server...
CVE-2013-6687
The web portal in the Enterprise License Manager component in Cisco WebEx Meetings Server allows remote authenticated users to discover the cleartext administrative password by reading HTML source code, aka Bug ID CSCul33876...
CVE-2013-6688
Directory traversal vulnerability in the license-upload interface in the Enterprise License Manager ELM component in Cisco Unified Communications Manager 9.11 and earlier allows remote authenticated users to create arbitrary files via a crafted path, aka Bug ID CSCui58222...
CVE-2013-6688
Cisco’s advisory CVE-2013-6688 fixes a directory traversal vulnerability in the Enterprise License Manager (ELM) license-upload interface of Cisco Unified Communications Manager 9.1(1) and earlier. The issue arises from insufficient input validation, allowing an authenticated, remote attacker to ...
Cisco Enterprise License Manager Path Traversal Vulnerability
A vulnerability in the license upload interface of the Cisco Enterprise License Manager ELM could allow an authenticated, remote attacker to upload files to arbitrary locations on the filesystem. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerabili...
CVE-2013-3472
Cross-site request forgery CSRF vulnerability in the Enterprise License Manager ELM in Cisco Unified Communications Manager CM allows remote attackers to hijack the authentication of arbitrary users for requests that make ELM modifications, aka Bug ID CSCui58210...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in the Enterprise License Manager ELM in Cisco Unified Communications Manager CM allows remote attackers to hijack the authentication of arbitrary users for requests that make ELM modifications, aka Bug ID CSCui58210...
CVE-2013-3472
Cross-site request forgery CSRF vulnerability in the Enterprise License Manager ELM in Cisco Unified Communications Manager CM allows remote attackers to hijack the authentication of arbitrary users for requests that make ELM modifications, aka Bug ID CSCui58210...