27 matches found
Cisco Unified Communications Manager IM & Presence Service Remote Code Execution Vulnerability (regreSSHion) (cisco-sa-openssh-rce-2024)
According to its self-reported version, CCisco Unified Communications Manager IM & Presence Service is affected by a vulnerability. - A remote code execution vulnerability exists in Cisco Unified Communications Manager IM & Presence Service due to a signal handler race condition found in sshd,...
CVE-2026-20045
A vulnerability in Cisco Unified Communications Manager Unified CM, Cisco Unified Communications Manager Session Management Edition Unified CM SME, Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P, Cisco Unity Connection, and Cisco Webex Calling Dedicated Instance could...
Cisco’s various products have security vulnerabilities
Cisco Unity Connection, among others, are products of the American company Cisco. Cisco Unity Connection is a voice messaging platform. Cisco Unified Communications Manager is a call processing component within unified communication systems. Cisco Unified Communications Manager IM & Presence is a...
Cisco Unified Communications Manager IM & Presence Service Information Disclosure Vulnerability
A vulnerability in the logging component of Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. This vulnerability is due to the storage of unencrypted credentia...
The vulnerability in the web interfaces of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME), as well as Cisco Unified Communications Manager IM & Presence Service, allows a attacker to execute XSS attacks.
The vulnerability of the Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition SME web interfaces is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability can allow a malicious actor to carry out XSS attacks...
The vulnerability in the web interfaces of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME), as well as Cisco Unified Communications Manager IM & Presence Service, the integrated messaging system Cisco Unity Connection, allows a attacker to perform XSS attacks.
The vulnerability in the web interfaces of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition SME, as well as Cisco Unified Communications Manager IM & Presence Service, and the integrated messaging system Cisco Unity Connection, exists due to...
The vulnerability of the databases of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME), as well as Cisco Unified Communications Manager IM & Presence Service, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition SME databases exists due to an incorrect limitation on the path name to the restricted directory. Exploiting this vulnerability could allow a malicious actor to gain...
CVE-2022-20815
A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM, Cisco Unified CM Session Management Edition Unified CM SME, and Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P could allow an unauthenticated, remote attacker to...
CVE-2022-20786
CVE-2022-20786 affects Cisco Unified Communications Manager IM & Presence Service. The vulnerability is an SQL injection in the web-based management interface caused by improper validation of user-submitted parameters. An authenticated, remote attacker can send malicious requests to the applicati...
The vulnerability in the web interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, and Cisco Unified Communications Manager IM & Presence Service allows a perpetrator to compromise the integrity of the protected information.
The vulnerability of the Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, and Cisco Unified Communications Manager IM & Presence Service web interfaces is related to the manipulation of inter-site requests. Exploiting this vulnerability allows...
CVE-2021-1363
CVE-2021-1363 affects Cisco Unified Communications Manager IM & Presence Service. The web-based management interface is vulnerable to SQL injection due to improper validation of user-submitted parameters. An authenticated, remote attacker can send crafted requests to the application, potentially ...
CVE-2021-1365
Cisco Unified Communications Manager IM & Presence Service web-based management interface contains SQL injection vulnerabilities caused by improper validation of user-submitted parameters. An authenticated, remote attacker can exploit these vulnerabilities by sending malicious requests to the app...
CVE-2021-1362 Cisco Unified Communications Products Remote Code Execution Vulnerability
A vulnerability in the SOAP API endpoint of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, Cisco Unity Connection, and Cisco Prime License Manager could allow an authenticated, remo...
The vulnerability of the components of the audit log system for Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition (SME), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), Cisco Emergency Responder, Cisco Message Exchange System Cisco Unity Connection, and the software for managing license issuance called Cisco Prime License Manager (PLM) allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the components of the audit system for Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition SME, Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P, Cisco Emergency Responder, Cisco Message Exchange Syst...
CVE-2021-1364
Multiple vulnerabilities in Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P could allow an attacker to conduct path traversal attacks and SQL injection attacks on an affected system. One of the SQL injection vulnerabilities that affects Unified CM IM&P also affects Cisc...
CVE-2021-1355
Multiple vulnerabilities in Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P could allow an attacker to conduct path traversal attacks and SQL injection attacks on an affected system. One of the SQL injection vulnerabilities that affects Unified CM IM&P also affects Cisc...
Path traversal
Multiple vulnerabilities in Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P could allow an attacker to conduct path traversal attacks and SQL injection attacks on an affected system. One of the SQL injection vulnerabilities that affects Unified CM IM&P also affects Cisc...
CVE-2021-1282
CVE-2021-1282 affects Cisco Unified Communications Manager IM&P, Unified CM, and Unified CM SME via multiple vulnerabilities that enable path traversal and SQL injection in the web interface. The SQL injection vulnerability also impacts the other CM products. Cisco’s advisory notes improper valid...
Cisco Unified Communications Manager IM and Presence Service Denial of Service Vulnerability
A vulnerability in Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P Software could allow an authenticated, remote attacker to cause the Cisco XCP Authentication Service on an affected device to restart, resulting in a denial of service DoS condition. The vulnerability is...
The vulnerability in the web interface for managing Cisco Unified Communications Manager systems, including Cisco Unified Communications Manager Session Management Edition (SME), Cisco Unified Communications Manager IM and Presence (Unified CM IM&P) Service, and the integrated messaging system Cisco Unity Connection, allows a perpetrator to send arbitrary requests.
The vulnerability of the Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition SME, Cisco Unified Communications Manager IM and Presence Unified CM IM&P Service, and the integrated messaging system Cisco Unity Connection’s web interfaces is related ...