Lucene search
K

2246 matches found

Nuclei
Nuclei
added 3 days ago69 views

Cisco Unified Communications Manager 7/8/9 - Directory Traversal

A directory traversal vulnerability in the Tomcat administrative web interface in Cisco Unified Communications Manager allows remote authenticated users to read arbitrary files via directory traversal sequences in an unspecified input string, aka Bug ID CSCui78815 id: CVE-2013-5528 info: name:...

8.1CVSS7.4AI score0.88559EPSS
Exploits22References4
The Hacker News
The Hacker News
added last week10 views

Cisco Unified CM Flaw Exploited After PoC Reveals File-Write Path to Root

Threat actors have begun to exploit a recently disclosed critical security flaw impacting Cisco Unified Communications Manager Unified CM and Unified Communications Manager Session Management Edition Unified CM SME. The vulnerability, tracked as CVE-2026-20230 CVSS score: 8.6, is a case of improp...

8.6CVSS6.4AI score0.41694EPSS
Exploits3
VulnCheck KEV
VulnCheck KEV
added 2026/06/22 12:0 a.m.13 views

VulnCheck KEV: CVE-2026-20230

A vulnerability in Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an unauthenticated, remote attacker to conduct server-side request forgery SSRF attacks through an affected device. This vulnerability ...

8.6CVSS6.2AI score0.41694EPSS
In wildExploits3References4
GithubExploit
GithubExploit
added 2026/06/12 7:47 p.m.118 views

Exploit for CVE-2026-20230

CVE-2026-20230 Scanner A Python-based scanner and validation...

8.6CVSS5.9AI score0.41694EPSS
Exploits3
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.8 views

PT-2026-47707

CVE-2024-56120 - Cisco Unified Communications Manager SQL Injection CVE ID :CVE-2024-56120 Published : June 8, 2026, 10:16 a.m. | 44 minutes ago Description :Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more...

5.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.14 views

Cisco Unified Communications Manager (CUCM) 14.x < 14SU6 / 15.x < 15SU5 SSRF (cisco-sa-cucm-ssrf-cXPnHcW)

According to its self-reported version, Cisco Unified Communications Manager is affected by a server-side request forgery SSRF vulnerability. - A vulnerability in Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME cou...

8.6CVSS6.2AI score0.41694EPSS
Exploits3References3
CVE
CVE
added 2026/06/03 4:9 p.m.119 views

CVE-2026-20230

CVE-2026-20230 affects Cisco Unified Communications Manager (CUCM) and Unified CM SME. The issue is due to improper input validation in specific HTTP requests, enabling an unauthenticated attacker to perform server-side request forgery (SSRF) and, if exploited, write files on the OS that could be...

8.6CVSS5.8AI score0.41694EPSS
In wildExploits3References3Affected Software1
EUVD
EUVD
added 2026/06/03 4:9 p.m.11 views

EUVD-2026-34137

A vulnerability in Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an unauthenticated, remote attacker to conduct server-side request forgery SSRF attacks through an affected device. This vulnerability ...

8.6CVSS5.8AI score0.41694EPSS
Exploits3References1
ATTACKERKB
ATTACKERKB
added 2026/06/03 4:9 p.m.8 views

CVE-2026-20230

A vulnerability in Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an unauthenticated, remote attacker to conduct server-side request forgery SSRF attacks through an affected device. This vulnerability ...

8.6CVSS5.8AI score0.41694EPSS
Exploits3References2
Cisco
Cisco
added 2026/06/03 4:0 p.m.35 views

Cisco Unified Communications Manager Server-Side Request Forgery Vulnerability

A vulnerability in Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an unauthenticated, remote attacker to conduct server-side request forgery SSRF attacks through an affected device. This vulnerability ...

8.6CVSS5.8AI score0.41694EPSS
Exploits3References1
CNNVD
CNNVD
added 2026/06/03 12:0 a.m.9 views

Cisco Unified Communications Manager 代码问题漏洞

Cisco Unified Communications Manager is a call processing component within the unified communication system developed by Cisco, Inc. This component provides an scalable, distributed, and highly available solution for enterprise IP telephony call processing. There is a code vulnerability in Cisco...

8.6CVSS6AI score0.41694EPSS
Exploits3References1
Tenable Nessus
Tenable Nessus
added 2026/05/05 12:0 a.m.8 views

Cisco Unified Computing System Remote Code Execution Vulnerability (regreSSHion) (cisco cisco-sa-openssh-rce-2024)

According to its self-reported version, Cisco Unified Computing System is affected by a vulnerability. - A remote code execution vulnerability exists in Cisco Unified Computing System due to a signal handler race condition found in sshd, where a client does not authenticate within LoginGraceTime...

8.1CVSS7.6AI score0.99506EPSS
Exploits68References6
RedhatCVE
RedhatCVE
added 2026/03/26 3:8 p.m.3 views

CVE-2026-20117

A vulnerability in the web-based management interface of Cisco Unified Contact Center Express Unified CCX could allow an unauthenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability exists because the web-based management interfa...

6.1CVSS6AI score0.00207EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/03/13 12:0 a.m.3 views

Cisco Unified Intelligence Center XSS (cisco-sa-cc-xss-MrNAH5Jh)

A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input. An...

6.1CVSS5.8AI score0.00207EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/11 6:30 p.m.4 views

EUVD-2026-11223

A vulnerability in the web-based management interface of Cisco Unified Contact Center Express Unified CCX could allow an unauthenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability exists because the web-based management interfa...

6.1CVSS6AI score0.00207EPSS
Exploits0References2
NVD
NVD
added 2026/03/11 5:16 p.m.3 views

CVE-2026-20117

A vulnerability in the web-based management interface of Cisco Unified Contact Center Express Unified CCX could allow an unauthenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability exists because the web-based management interfa...

6.1CVSS0.00207EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/11 4:31 p.m.26 views

CVE-2026-20117 Multiple Cisco Contact Center Products Cross-Site Scripting Vulnerabilities

A vulnerability in the web-based management interface of Cisco Unified Contact Center Express Unified CCX could allow an unauthenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability exists because the web-based management interfa...

6.1CVSS0.00207EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/11 4:31 p.m.3 views

CVE-2026-20117 Multiple Cisco Contact Center Products Cross-Site Scripting Vulnerabilities

A vulnerability in the web-based management interface of Cisco Unified Contact Center Express Unified CCX could allow an unauthenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability exists because the web-based management interfa...

6.1CVSS6AI score0.00207EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/11 12:0 a.m.4 views

PT-2026-24732

A vulnerability in the web-based management interface of Cisco Unified Contact Center Express Unified CCX could allow an unauthenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability exists because the web-based management interfa...

6.1CVSS6AI score0.00207EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/02/25 12:0 a.m.9 views

Cisco FXOS Software和Cisco UCS Manager Software 跨站脚本漏洞

Cisco FXOS Software and Cisco UCS Manager Software are both products of the American company Cisco. Cisco FXOS Software is a firewall software that runs on Cisco security devices. Cisco UCS Manager Software is a device management software. Both Cisco FXOS Software and Cisco UCS Manager Software...

4.8CVSS5.7AI score0.0017EPSS
Exploits0References1
Rows per page
Query Builder