129 matches found
EUVD-2012-0397
Malware in sbrugna...
EUVD-2011-3972
Malware in sbrugna...
EUVD-2011-2066
Malware in sbrugna...
EUVD-2009-2047
Malware in sbrugna...
EUVD-2022-26067
Malicious code in bioql PyPI...
CVE-2011-4019
Memory leak in Cisco IOS 12.4 and 15.0 through 15.2, and Cisco Unified Communications Manager CUCM 7.x, allows remote attackers to cause a denial of service memory consumption via a crafted response to a SIP SUBSCRIBE message, aka Bug IDs CSCto93837 and CSCtj61883...
CISCO-SA-20180207-CUCM
creationtimestamp| type| source ---|---|--- 2024-12-17 09:00:36+00:00| seen| https://social.circl.lu/users/vulnerabilitylookup/statuses/113667342705227470...
CISCO-SA-20191002-CUCM
creationtimestamp| type| source ---|---|--- 2024-12-17 06:40:58+00:00| seen| https://social.circl.lu/users/vulnerabilitylookup/statuses/113666792876511565...
Cisco Unified Communications Manager IM & Presence File Read Vulnerability (isco-sa-cucm-imp-afr-YBFLNyzd)
The version of Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P installed on the remote host is prior to 14SU2. It is, therefore, affected by a file read vulnerability. Due to insufficient file permissions, an authenticated remote attacker could read arbitrary files on t...
Design/Logic Flaw
A vulnerability in Cisco Unified IP Phones could allow an unauthenticated, remote attacker to impersonate another user's phone if the Cisco Unified Communications Manager CUCM is in secure mode. This vulnerability is due to improper key generation during the manufacturing process that could resul...
CVE-2022-20817 Cisco IP Phone Duplicate Key Vulnerability
A vulnerability in Cisco Unified IP Phones could allow an unauthenticated, remote attacker to impersonate another user's phone if the Cisco Unified Communications Manager CUCM is in secure mode. This vulnerability is due to improper key generation during the manufacturing process that could resul...
CVE-2022-20817
Cisco CVE-2022-20817 affects Cisco Unified IP Phones when CUCM is in secure mode. Root cause: improper manufacturing key generation leads to duplicate manufactured keys on multiple devices, enabling a remote attacker to perform a man-in-the-middle attack and impersonate another user’s phone. Impa...
Cisco IP Phone Duplicate Key Vulnerability
A vulnerability in Cisco Unified IP Phones could allow an unauthenticated, remote attacker to impersonate another user's phone if the Cisco Unified Communications Manager CUCM is in secure mode. This vulnerability is due to improper key generation during the manufacturing process that could resul...
Cisco Unified Communications Manager (CUCM) Detection Consolidation
Consolidation of Cisco Unified Communications Manager CUCM, formerly Call Manager detections. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
iCULeak - Tool To Find And Extract Credentials From Phone Configuration Files Hosted On Cisco CUCM
Tool to find and extract credentials from phone configuration files in environments managed by Cisco's CUCM Call Manager. When using Cisco's CUCM Call Manager, phone configuration files are stored on a TFTP server. These phone configuration files quite frequently contain sensitive data, including...
Cisco Unified Communication Manager HTTP Interface Information Disclosure Vulnerability (CSCvf20218)
According to its self-reported version, the Cisco Unified Communications Manager CUCM running on the remote device is affected by an information disclosure vulnerability. Please see the included Cisco BID and the Cisco Security Advisory for more information. %NASLMINLEVEL 70300 C Tenable Network...
CVE-2016-9206
CVE-2016-9206 affects Cisco Unified Communications Manager (CUCM) through a vulnerability in the ccmadmin page that can allow an unauthenticated, remote attacker to perform reflected cross-site scripting (XSS). The issue arises from improper sanitization/encoding of user-supplied data on the ccma...
Cisco Unified Communications Manager Administration Page Cross-Site Scripting Vulnerability (cisco-sa-20161207-cucm)
A vulnerability in the ccmadmin page of Cisco Unified Communications Manager CUCM could allow an unauthenticated, remote attacker to conduct reflected cross-site scripting XSS attacks. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, a...
CVE-2016-6440
CVE-2016-6440 affects Cisco Unified Communications Manager (CUCM). Root cause: lack of input sanitization for iframe data in HTTP requests, enabling an attacker to display data inside an iframe and trigger clickjacking (phishing) without user interaction. Affected releases include CUCM 11.0(1.100...
Cisco Unified Communications Manager Information Disclosure Vulnerability (cisco-sa-20160208-ucm)
Cisco Unified Communications Manager CUCM is prone to an information disclosure vulnerability. Copyright C 2016 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-lat...