424 matches found
Cross site scripting
A vulnerability in the web framework of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against the user of the web interface of an affected system. The vulnerability is due to insufficient input validation of certain parameters...
CVE-2018-0354
A vulnerability in the web framework of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against the user of the web interface of an affected system. The vulnerability is due to insufficient input validation of certain parameters...
CVE-2018-0354
A vulnerability in the web framework of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against the user of the web interface of an affected system. The vulnerability is due to insufficient input validation of certain parameters...
CVE-2018-0354
A vulnerability in the web framework of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against the user of the web interface of an affected system. The vulnerability is due to insufficient input validation of certain parameters...
CVE-2018-0354
The CVE-2018-0354 issue affects Cisco Unity Connection, specifically the web framework. It stems from insufficient input validation for parameters passed via HTTP GET/POST, enabling an unauthenticated, remote attacker to trigger cross-site scripting (XSS) in a user’s browser when a user follows a...
CVE-2017-6779
Multiple Cisco products are affected by a vulnerability in local file management for certain system log files of Cisco collaboration products that could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service DoS condition. The vulnerability occu...
Cisco Unity Connection Cross-Site Scripting Vulnerability (CNVD-2018-11303)
Cisco Unity Connection is a unified messaging and voicemail solution that accelerates collaboration. A cross-site scripting vulnerability exists in the web framework in Cisco Unity Connection. The vulnerability stems from insufficient input validation of certain parameters passed to the affected...
Cisco Unity Connection Cross-Site Scripting Vulnerability
A vulnerability in the web framework of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against the user of the web interface of an affected system. The vulnerability is due to insufficient input validation of certain parameters...
Design/Logic Flaw
A vulnerability in the SMTP relay of Cisco Unity Connection could allow an unauthenticated, remote attacker to send unsolicited email messages, aka a Mail Relay Vulnerability. The vulnerability is due to improper handling of domain information in the affected software. An unauthenticated, remote...
CVE-2018-0203
A vulnerability in the SMTP relay of Cisco Unity Connection could allow an unauthenticated, remote attacker to send unsolicited email messages, aka a Mail Relay Vulnerability. The vulnerability is due to improper handling of domain information in the affected software. An unauthenticated, remote...
CVE-2018-0203
CVE-2018-0203 : A vulnerability in the SMTP relay of Cisco Unity Connection allows an unauthenticated, remote attacker to send unsolicited email messages due to improper handling of domain information. A successful exploit could deliver emails to arbitrary addresses. Affected product: Cisco Unity...
CVE-2018-0203
A vulnerability in the SMTP relay of Cisco Unity Connection could allow an unauthenticated, remote attacker to send unsolicited email messages, aka a Mail Relay Vulnerability. The vulnerability is due to improper handling of domain information in the affected software. An unauthenticated, remote...
Cisco Unity Connection Mail Relay Vulnerability
Cisco Unity Connection UC is a voice messaging platform from Cisco USA. The platform can use voice commands to make phone calls or listen to messages in a "hands-free" manner.SMTP relay is one of the mail relay forwarding component. A security vulnerability exists in SMTP relay in Cisco UC, which...
CVE-2018-0203
A vulnerability in the SMTP relay of Cisco Unity Connection could allow an unauthenticated, remote attacker to send unsolicited email messages, aka a Mail Relay Vulnerability. The vulnerability is due to improper handling of domain information in the affected software. An unauthenticated, remote...
Cisco Unity Connection Mail Relay Vulnerability
A vulnerability in the SMTP relay of Cisco Unity Connection could allow an unauthenticated, remote attacker to send unsolicited email messages. The vulnerability is due to improper handling of domain information in the affected software. An unauthenticated, remote attacker could exploit this...
Cisco Unity Connection Voice Operating System-Based Products Unauthorized Access Vulnerability
According to its self-reported version, the Cisco Unity Connection is affected by one or more vulnerabilities. Please see the included Cisco BIDs and the Cisco Security Advisory for more information. TRUSTED...
Cisco Unity Connection Reflected XSS Vulnerability (cisco-sa-20170906-cuc)
Cisco Unity Connection 10.52 with a default configuration allows remote attackers to conduct a reflected cross-site scripting XSS attack against the user of the web interface by submitting invalid input parameters via HTTP GET or POST. C Tenable Network Security, Inc. include"compat.inc"; if...
Cisco Unity Connection Cross-Site Scripting Vulnerability (CNVD-2017-31983)
Cisco Unity Connection UC is a voice messaging platform from Cisco. The platform can use voice commands to make calls or listen to messages in a "hands-free" way. A cross-site scripting vulnerability exists in the Web framework of Cisco UC version 10.52, which arises from the program's failure to...
CVE-2017-12212
A vulnerability in the web framework of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the web interface of an affected system. The vulnerability is due to insufficient input validation of certain...
CVE-2017-12212
A vulnerability in the web framework of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the web interface of an affected system. The vulnerability is due to insufficient input validation of certain...