The vulnerability of the components of the audit log system for Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition (SME), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), Cisco Emergency Responder, Cisco Message Exchange System Cisco Unity Connection, and the software for managing license issuance called Cisco Prime License Manager (PLM) allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the components of the audit system for Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition SME, Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P, Cisco Emergency Responder, Cisco Message Exchange Syst...

Multiple Cisco Products Log Information Disclosure Vulnerability

Cisco Unity Connection UC and so on are the products of the American Cisco Cisco company.Cisco Unity Connection is a set of voice message platform.Cisco Unified Communications Manager CUCM, Unified CM, CallManager is a call processing component of the unified communications system. Cisco Unified...

The vulnerability in the web interface of the Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition (SME), Cisco Unified Communications Manager call processing system, and the integrated Cisco Unity Connection messaging system allows a perpetrator to perform cross-site scripting attacks.

The vulnerability in the Web interface of the Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition SME, Unified Communications Manager IM & Presence Service, and the integrated Cisco Unity Connection messaging system is related to the lack of...

CVE-2020-3130

A vulnerability in the web management interface of Cisco Unity Connection could allow an authenticated remote attacker to overwrite files on the underlying filesystem. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted HTTP...

CVE-2020-3130

A vulnerability in the web management interface of Cisco Unity Connection could allow an authenticated remote attacker to overwrite files on the underlying filesystem. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted HTTP...

Input validation

A vulnerability in the web management interface of Cisco Unity Connection could allow an authenticated remote attacker to overwrite files on the underlying filesystem. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted HTTP...

CVE-2020-3130 Cisco Unity Connection Directory Traversal Vulnerability

A vulnerability in the web management interface of Cisco Unity Connection could allow an authenticated remote attacker to overwrite files on the underlying filesystem. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted HTTP...

CVE-2020-3130

The CVE-2020-3130 issue affects Cisco Unity Connection’s web management interface. It is a directory traversal vulnerability caused by insufficient input validation that could let an authenticated attacker (with valid admin credentials) send a crafted HTTP request and overwrite files on the under...

CVE-2020-3130 Cisco Unity Connection Directory Traversal Vulnerability

A vulnerability in the web management interface of Cisco Unity Connection could allow an authenticated remote attacker to overwrite files on the underlying filesystem. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted HTTP...

Cisco Unity Connection Cross-Site Scripting (cisco-sa-cucm-cuc-imp-xss-OWuSYAp)

According to its self-reported version, Cisco Unity Connection is affected by a Cross-Site Scripting vulnerabilities. An remote attacker could exploit this vulnerability by inserting malicious data into a specific data field in the web interface. A successful exploit could allow the attacker to...

The vulnerability in the web interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition (SME), Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection allows a perpetrator to carry out cross-site scripting attacks.

The vulnerability of the Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition SME, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection web interfaces is related to insufficient protection of the website structure...

CVE-2020-3282

CVE-2020-3282 affects Cisco Unified Communications Manager family (including Session Management Edition, IM&P Service, Unity Connection) where the web-based management interface fails to validate user-supplied input, enabling unauthenticated remote attackers to perform cross-site scripting (XSS) ...

The vulnerability in the web interface for managing the Cisco Unity Connection integrated messaging system allows a hacker to re-write files in the basic file system.

The vulnerability in the web interface for managing the Cisco Unity Connection integrated messaging system exists due to an incorrect restriction on the path name to the restricted directory. Exploiting this vulnerability could allow a malicious actor, operating remotely, to re-write files in the...

The vulnerability in the web interface for managing the Cisco Unity Connection integrated messaging system allows a perpetrator to perform cross-site scripting (XSS) attacks.

The vulnerability in the web interface for managing the Cisco Unity Connection integrated messaging system is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks XSS remotely...

CVE-2020-3129

A vulnerability in the web-based management interface of Cisco Unity Connection Software could allow an authenticated, remote attacker to perform a stored cross-site scripting XSS attack. The vulnerability is due to insufficient input validation by the web-based management interface. An attacker...

CVE-2020-3129

A vulnerability in the web-based management interface of Cisco Unity Connection Software could allow an authenticated, remote attacker to perform a stored cross-site scripting XSS attack. The vulnerability is due to insufficient input validation by the web-based management interface. An attacker...

Cross site scripting

A vulnerability in the web-based management interface of Cisco Unity Connection Software could allow an authenticated, remote attacker to perform a stored cross-site scripting XSS attack. The vulnerability is due to insufficient input validation by the web-based management interface. An attacker...

CVE-2020-3129 Cisco Unity Connection Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Unity Connection Software could allow an authenticated, remote attacker to perform a stored cross-site scripting XSS attack. The vulnerability is due to insufficient input validation by the web-based management interface. An attacker...

CVE-2020-3129 Cisco Unity Connection Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Unity Connection Software could allow an authenticated, remote attacker to perform a stored cross-site scripting XSS attack. The vulnerability is due to insufficient input validation by the web-based management interface. An attacker...

CVE-2020-3129

CVE-2020-3129 describes a stored cross-site scripting (XSS) vulnerability in the web-based management interface of Cisco Unity Connection Software. The issue arises from insufficient input validation in the interface, allowing an authenticated, remote attacker to supply crafted data that can be s...