424 matches found
CVE-2015-6299
SQL injection vulnerability in the web interface in Cisco Unity Connection 9.11.2 and earlier allows remote authenticated users to execute arbitrary SQL commands via a crafted POST request, aka Bug ID CSCuv63824...
Cisco Unity Connection Web Interface SQL Injection Vulnerability
A vulnerability in the web interface of Cisco Unity Connection UC could allow an authenticated, remote attacker to impact the confidentiality of the system by executing arbitrary SQL queries. The vulnerability is due to a lack of input validation on user-supplied input in SQL queries. An attacker...
Cisco Unity Connection CUCReports Web Interface Cross-Site Request Forgery Vulnerability
Cisco Unified Communications Manager is a call processing component of a Unified Communications system. A cross-site request forgery vulnerability exists in the web management interface of Cisco Unified Communications Manager, which allows remote attackers to construct malicious URIs, trick users...
CVE-2015-0716
Cross-site request forgery CSRF vulnerability in the CUCReports page in Cisco Unity Connection 11.00.98000.225 and 11.00.98000.332 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCut33659...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in the CUCReports page in Cisco Unity Connection 11.00.98000.225 and 11.00.98000.332 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCut33659...
CVE-2015-0716
CVE-2015-0716 is a CSRF vulnerability in Cisco Unity Connection’s CUCReports page affecting 11.0(0.98000.225) and 11.0(0.98000.332). The underlying issue is insufficient CSRF protections, enabling remote attackers to hijack the authentication of arbitrary users. Cisco’s advisory notes unauthentic...
CVE-2015-0716
Cross-site request forgery CSRF vulnerability in the CUCReports page in Cisco Unity Connection 11.00.98000.225 and 11.00.98000.332 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCut33659...
Cisco Unity Connection CUCReports Page Cross-Site Request Forgery Vulnerability
Cisco Unity Connection is the United States Cisco Cisco company's set of voice mail platform. A cross-site request forgery vulnerability exists in the Cisco Unity Connection CUCReports page, which could be exploited by an attacker to hijack the authentication of arbitrary users...
Cisco Unity Connection CUCReports Page Cross-Site Request Forgery Vulnerability
A vulnerability in the CUCReports page of Cisco Unity Connection could allow an unauthenticated, remote attacker to perform a cross-site request forgery CSRF attack against the CUCReports web interface. The vulnerability is due to insufficient CSRF protections on the Cisco Unity Connection web...
Cisco Unity Connection Multiple Remote DoS (cisco-sa-20150401-cuc)
The version of Cisco Unity Connection installed on the remote host is 8.5 prior to 8.51SU7 / 8.6 prior to 8.62aSU4 / 9.x prior to 9.12SU2 / 10.x prior to 10.01SU1. It is, therefore, affected by multiple denial of service vulnerabilities : - A denial of service vulnerability exists in the Connecti...
Cisco Unity Connection multiple security vulnerabilities
Multiple DoS conditions...
Cisco Unity Connection SIP Trunk Integration Tailored INVITE Message Denial of Service Vulnerability (CNVD-2015-02212)
Cisco Unity Connection is a feature-rich voice messaging platform that uses the Linux Unified Communications operating system. A security vulnerability exists in the Connection Conversation Manager CuCsMgr process of Cisco Unity Connection. It allows an unauthenticated, remote attacker to cause a...
Cisco Unity Connection SIP Trunking Integration Port UDP 5060 Denial of Service Vulnerability
Cisco Unity Connection is a feature-rich voice messaging platform that uses the Linux Unified Communications operating system. A security vulnerability exists in the Connection Conversation Manager CuCsMgr process of Cisco Unity Connection. It allows an unauthenticated, remote attacker to cause a...
Cisco Unity Connection SIP Trunking Integrated Port Denial of Service Vulnerability
Cisco Unity Connection is a feature-rich voice messaging platform that uses the Linux Unified Communications operating system. A security vulnerability exists in Cisco Unity Connection's SIP call handling code that fails to release allocated resources in certain connection scenarios. This allows ...
Cisco Unity Connection SIP Trunking Integrated CuCsMgr Denial of Service Vulnerability
Cisco Unity Connection is a feature-rich voice messaging platform that uses the Linux Unified Communications operating system. A security vulnerability exists in the Connection Conversation Manager CuCsMgr process of Cisco Unity Connection. Allowing an unauthenticated, remote attacker to exploit...
CVE-2015-0616
The Connection Conversation Manager aka CuCsMgr process in Cisco Unity Connection 8.5 before 8.51SU7, 8.6 before 8.62aSU4, and 9.x before 9.12SU2, when SIP trunk integration is enabled, allows remote attackers to cause a denial of service core dump and restart by improperly terminating SIP TCP...
CVE-2015-0615
The call-handling implementation in Cisco Unity Connection 8.5 before 8.51SU7, 8.6 before 8.62aSU4, 9.x before 9.12SU2, and 10.0 before 10.01SU1, when SIP trunk integration is enabled, allows remote attackers to cause a denial of service port consumption by improperly terminating SIP sessions, ak...
CVE-2015-0614
The Connection Conversation Manager aka CuCsMgr process in Cisco Unity Connection 8.5 before 8.51SU7, 8.6 before 8.62aSU4, 9.x before 9.12SU2, and 10.0 before 10.01SU1, when SIP trunk integration is enabled, allows remote attackers to cause a denial of service core dump and restart via crafted SI...
CVE-2015-0613
The Connection Conversation Manager aka CuCsMgr process in Cisco Unity Connection 8.5 before 8.51SU7, 8.6 before 8.62aSU4, 9.x before 9.12SU2, and 10.0 before 10.01SU1, when SIP trunk integration is enabled, allows remote attackers to cause a denial of service core dump and restart via crafted SI...
Design/Logic Flaw
The Connection Conversation Manager aka CuCsMgr process in Cisco Unity Connection 8.5 before 8.51SU6, 8.6 before 8.62aSU4, and 9.x before 9.12SU2, when SIP trunk integration is enabled, allows remote attackers to cause a denial of service SIP outage via a crafted UDP packet, aka Bug ID CSCuh25062...