Lucene search
K

27 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/07 12:0 a.m.6 views

Cisco Unified Communications Manager IM & Presence Service Remote Code Execution Vulnerability (regreSSHion) (cisco-sa-openssh-rce-2024)

According to its self-reported version, CCisco Unified Communications Manager IM & Presence Service is affected by a vulnerability. - A remote code execution vulnerability exists in Cisco Unified Communications Manager IM & Presence Service due to a signal handler race condition found in sshd,...

8.1CVSS7.6AI score0.99506EPSS
Exploits68References3
ATTACKERKB
ATTACKERKB
added 2026/01/21 4:26 p.m.6 views

CVE-2026-20045

A vulnerability in Cisco Unified Communications Manager Unified CM, Cisco Unified Communications Manager Session Management Edition Unified CM SME, Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P, Cisco Unity Connection, and Cisco Webex Calling Dedicated Instance could...

9.8CVSS6.6AI score0.04307EPSS
In wildExploits1References2Affected Software3
CNNVD
CNNVD
added 2026/01/21 12:0 a.m.8 views

Cisco’s various products have security vulnerabilities

Cisco Unity Connection, among others, are products of the American company Cisco. Cisco Unity Connection is a voice messaging platform. Cisco Unified Communications Manager is a call processing component within unified communication systems. Cisco Unified Communications Manager IM & Presence is a...

9.8CVSS6.4AI score0.04307EPSS
Exploits1References3
Cisco
Cisco
added 2024/11/06 4:0 p.m.15 views

Cisco Unified Communications Manager IM & Presence Service Information Disclosure Vulnerability

A vulnerability in the logging component of Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. This vulnerability is due to the storage of unencrypted credentia...

6.5CVSS6.3AI score0.00435EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2022/07/11 12:0 a.m.6 views

The vulnerability in the web interfaces of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME), as well as Cisco Unified Communications Manager IM & Presence Service, allows a attacker to execute XSS attacks.

The vulnerability of the Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition SME web interfaces is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability can allow a malicious actor to carry out XSS attacks...

6.4CVSS6.2AI score0.00656EPSS
Exploits0References2Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/07/11 12:0 a.m.6 views

The vulnerability in the web interfaces of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME), as well as Cisco Unified Communications Manager IM & Presence Service, the integrated messaging system Cisco Unity Connection, allows a attacker to perform XSS attacks.

The vulnerability in the web interfaces of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition SME, as well as Cisco Unified Communications Manager IM & Presence Service, and the integrated messaging system Cisco Unity Connection, exists due to...

6.4CVSS6.2AI score0.00656EPSS
Exploits0References2Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/07/11 12:0 a.m.6 views

The vulnerability of the databases of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME), as well as Cisco Unified Communications Manager IM & Presence Service, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition SME databases exists due to an incorrect limitation on the path name to the restricted directory. Exploiting this vulnerability could allow a malicious actor to gain...

6.8CVSS6.6AI score0.01288EPSS
Exploits0References2Affected Software3
ATTACKERKB
ATTACKERKB
added 2022/07/06 4:0 p.m.5 views

CVE-2022-20815

A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM, Cisco Unified CM Session Management Edition Unified CM SME, and Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P could allow an unauthenticated, remote attacker to...

6.1CVSS6.6AI score0.00656EPSS
Exploits0References2
CVE
CVE
added 2022/04/21 6:50 p.m.108 views

CVE-2022-20786

CVE-2022-20786 affects Cisco Unified Communications Manager IM & Presence Service. The vulnerability is an SQL injection in the web-based management interface caused by improper validation of user-submitted parameters. An authenticated, remote attacker can send malicious requests to the applicati...

8.1CVSS7AI score0.00785EPSS
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/12/07 12:0 a.m.5 views

The vulnerability in the web interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, and Cisco Unified Communications Manager IM & Presence Service allows a perpetrator to compromise the integrity of the protected information.

The vulnerability of the Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, and Cisco Unified Communications Manager IM & Presence Service web interfaces is related to the manipulation of inter-site requests. Exploiting this vulnerability allows...

7.1CVSS6.5AI score0.00486EPSS
Exploits0References2
CVE
CVE
added 2021/05/06 12:42 p.m.70 views

CVE-2021-1363

CVE-2021-1363 affects Cisco Unified Communications Manager IM & Presence Service. The web-based management interface is vulnerable to SQL injection due to improper validation of user-submitted parameters. An authenticated, remote attacker can send crafted requests to the application, potentially ...

8.1CVSS7.8AI score0.01081EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/05/06 12:42 p.m.57 views

CVE-2021-1365

Cisco Unified Communications Manager IM & Presence Service web-based management interface contains SQL injection vulnerabilities caused by improper validation of user-submitted parameters. An authenticated, remote attacker can exploit these vulnerabilities by sending malicious requests to the app...

8.1CVSS7.8AI score0.01081EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/04/08 4:5 a.m.28 views

CVE-2021-1362 Cisco Unified Communications Products Remote Code Execution Vulnerability

A vulnerability in the SOAP API endpoint of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, Cisco Unity Connection, and Cisco Prime License Manager could allow an authenticated, remo...

8.8CVSS9AI score0.02714EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2021/01/26 12:0 a.m.2 views

The vulnerability of the components of the audit log system for Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition (SME), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), Cisco Emergency Responder, Cisco Message Exchange System Cisco Unity Connection, and the software for managing license issuance called Cisco Prime License Manager (PLM) allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the components of the audit system for Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition SME, Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P, Cisco Emergency Responder, Cisco Message Exchange Syst...

4.3CVSS6.4AI score0.00908EPSS
Exploits0References3
NVD
NVD
added 2021/01/20 8:15 p.m.14 views

CVE-2021-1364

Multiple vulnerabilities in Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P could allow an attacker to conduct path traversal attacks and SQL injection attacks on an affected system. One of the SQL injection vulnerabilities that affects Unified CM IM&P also affects Cisc...

6.5CVSS6.9AI score0.01341EPSS
Exploits0References1
NVD
NVD
added 2021/01/20 8:15 p.m.17 views

CVE-2021-1355

Multiple vulnerabilities in Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P could allow an attacker to conduct path traversal attacks and SQL injection attacks on an affected system. One of the SQL injection vulnerabilities that affects Unified CM IM&P also affects Cisc...

6.5CVSS6.9AI score0.01352EPSS
Exploits0References1
Prion
Prion
added 2021/01/20 8:15 p.m.27 views

Path traversal

Multiple vulnerabilities in Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P could allow an attacker to conduct path traversal attacks and SQL injection attacks on an affected system. One of the SQL injection vulnerabilities that affects Unified CM IM&P also affects Cisc...

4CVSS5.6AI score0.01341EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2021/01/20 7:56 p.m.78 views

CVE-2021-1282

CVE-2021-1282 affects Cisco Unified Communications Manager IM&P, Unified CM, and Unified CM SME via multiple vulnerabilities that enable path traversal and SQL injection in the web interface. The SQL injection vulnerability also impacts the other CM products. Cisco’s advisory notes improper valid...

6.5CVSS6.3AI score0.01341EPSS
Exploits0References1Affected Software2
Cisco
Cisco
added 2020/11/04 4:0 p.m.36 views

Cisco Unified Communications Manager IM and Presence Service Denial of Service Vulnerability

A vulnerability in Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P Software could allow an authenticated, remote attacker to cause the Cisco XCP Authentication Service on an affected device to restart, resulting in a denial of service DoS condition. The vulnerability is...

4.3CVSS5.5AI score0.0115EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/11/19 12:0 a.m.4 views

The vulnerability in the web interface for managing Cisco Unified Communications Manager systems, including Cisco Unified Communications Manager Session Management Edition (SME), Cisco Unified Communications Manager IM and Presence (Unified CM IM&P) Service, and the integrated messaging system Cisco Unity Connection, allows a perpetrator to send arbitrary requests.

The vulnerability of the Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition SME, Cisco Unified Communications Manager IM and Presence Unified CM IM&P Service, and the integrated messaging system Cisco Unity Connection’s web interfaces is related ...

7.1CVSS6.5AI score0.00671EPSS
Exploits0References3
Rows per page
Query Builder