27 matches found
EUVD-2014-0778
Malware in sbrugna...
CVE-2014-0747
The Certificate Authority Proxy Function CAPF CLI implementation in Cisco Unified Communications Manager Unified CM 10.01 and earlier allows local users to inject commands via unspecified CAPF programs, aka Bug ID CSCum95493...
CVE-2014-0743
The Certificate Authority Proxy Function CAPF component in Cisco Unified Communications Manager Unified CM 10.01 and earlier allows remote attackers to bypass authentication and modify registered-device information via crafted data, aka Bug ID CSCum95468...
Code injection
The Certificate Authority Proxy Function CAPF CLI implementation in the CSR management feature in Cisco Unified Communications Manager Unified CM 10.01 and earlier allows local users to read or modify arbitrary files via unspecified vectors, aka Bug ID CSCum95464...
CVE-2014-0742
The Certificate Authority Proxy Function CAPF CLI implementation in the CSR management feature in Cisco Unified Communications Manager Unified CM 10.01 and earlier allows local users to read or modify arbitrary files via unspecified vectors, aka Bug ID CSCum95464...
CVE-2014-0747
CVE-2014-0747 affects Cisco Unified Communications Manager CAPF CLI. The vulnerability arises from insufficient input validation in the CAPF CLI, allowing an authenticated, local attacker to inject commands into the underlying operating system. Affected are Cisco Unified CM versions 10.0(1) and e...
CVE-2014-0741
The CVE-2014-0741 issue affects Cisco Unified Communications Manager (Unified CM) via the CAPF certificate-import CLI. The root cause is insufficient input validation in the CAPF command-import flow, allowing an authenticated, local attacker with local access to read or modify arbitrary files on ...
CVE-2014-0743
The CVE-2014-0743 entry describes a Cisco CAPF (Certificate Authority Proxy Function) flaw in Cisco Unified Communications Manager, affecting CAPF in 10.0(1) and earlier. Root cause: insufficient authentication enforcement in CAPF allows remote attackers to bypass authentication and modify inform...
CVE-2014-0741
The certificate-import feature in the Certificate Authority Proxy Function CAPF CLI implementation in Cisco Unified Communications Manager Unified CM 10.01 and earlier allows local users to read or modify arbitrary files via a crafted command, aka Bug ID CSCum95461...
CVE-2014-0742
CVE-2014-0742 concerns Cisco Unified Communications Manager (Unified CM) CAPF CSR management CLI. The CAPF CSR management feature contains insufficient input validation, allowing an authenticated, local attacker to read or write arbitrary files on the underlying OS via crafted CLI input (Bug ID C...
CVE-2014-0747
The Certificate Authority Proxy Function CAPF CLI implementation in Cisco Unified Communications Manager Unified CM 10.01 and earlier allows local users to inject commands via unspecified CAPF programs, aka Bug ID CSCum95493...
Cisco Unified Communications Manager CAPF Certificate Import Arbitrary File Read/Write Vulnerability
A vulnerability in the Certificate Authority Proxy Function CAPF command-line function for certificate import of Cisco Unified Communications Manager Cisco Unified CM could allow an authenticated, local attacker to read or write arbitrary files to the underlying operating system. The vulnerabilit...
Cisco Unified Communications Manager CAPF CLI Command Injection Vulnerability
A vulnerability in the Certificate Authority Proxy Function CAPF command-line interface CLI of Cisco Unified Communications Manager Cisco Unified CM could allow an authenticated, local attacker to inject commands into the underlying operating system. The vulnerability is due to insufficient input...
Cisco Unified Communications Manager CAPF Unauthenticated Device Information Update Vulnerability
A vulnerability in the Certificate Authority Proxy Function CAPF of Cisco Unified Communications Manager Cisco Unified CM could allow an unauthenticated, remote attacker to change information related to registered devices. The vulnerability is due to insufficient authentication enforcement. An...
Cisco Unified Communications Manager CAPF CSR Arbitrary File Read/Write Vulnerability
A vulnerability in the Certificate Authority Proxy Function CAPF command-line function for Certificate Signing Request CSR management of Cisco Unified Communications Manager Cisco Unified CM could allow an authenticated, local attacker to read or write arbitrary files to the underlying operating...
Cisco Unified Communications Manager CAPF SQL注入漏洞
Bugtraq ID:65645 CVE ID:CVE-2014-0734 Cisco Unified Communications Manager是一款Cisco IP电话解决方案中的呼叫处理组件。 Cisco Unified Communications Manager证书授权代理功能Certificate Authority Proxy Function不正确过滤用户提交的输入,允许远程攻击者利用漏洞提交特制的SQL查询,可操作或获取数据库数据。 0 Cisco Unified Communications Manager 10.01.10000.3 厂商补丁: Cisco ---...
Sql injection
SQL injection vulnerability in the Certificate Authority Proxy Function CAPF implementation in Cisco Unified Communications Manager Unified CM 10.01 and earlier allows remote attackers to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCum46483...
CVE-2014-0734
SQL injection vulnerability in the Certificate Authority Proxy Function CAPF implementation in Cisco Unified Communications Manager Unified CM 10.01 and earlier allows remote attackers to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCum46483...
CVE-2014-0734
CVE-2014-0734 affects Cisco Unified Communications Manager CAPF. The Certificate Authority Proxy Function fails to properly sanitize user input, enabling a remote attacker to craft a URL that executes arbitrary SQL commands. Affected: UCM 10.0(1) and earlier. Impact: potential data exposure/modif...
CVE-2009-0057
The Certificate Authority Proxy Function CAPF service in Cisco Unified Communications Manager 5.x before 5.13e and 6.x before 6.13 allows remote attackers to cause a denial of service voice service outage by sending malformed input over a TCP session in which the "client terminates prematurely."...