15 matches found
EUVD-2020-24395
Malware in sbrugna...
Cisco Hosted Collaboration Mediation Fulfillment Denial of Service Vulnerability
A vulnerability in the Java Management Extensions JMX component of Cisco Hosted Collaboration Mediation Fulfillment HCM-F could allow an authenticated, remote attacker to cause a denial of service DoS condition on an affected system. This vulnerability is due to an unsecured TCP/IP port. An...
CVE-2020-3124
A vulnerability in the web-based interface of Cisco Hosted Collaboration Mediation Fulfillment HCM-F could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. The vulnerability is due to insufficient CSRF protections by the affected...
CVE-2020-3124 Cisco Hosted Collaboration Mediation Fulfillment Cross-Site Request Forgery Vulnerability
A vulnerability in the web-based interface of Cisco Hosted Collaboration Mediation Fulfillment HCM-F could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. The vulnerability is due to insufficient CSRF protections by the affected...
CVE-2020-3124
Cisco HCM-F CSRF vulnerability (CVE-2020-3124) stems from insufficient CSRF protections in the web-based interface. An unauthenticated, remote attacker can persuade a user to click a malicious link, enabling arbitrary requests that could change a target user’s password and allow unauthorized acti...
Xxe
A vulnerability in the web-based management interface of Cisco Hosted Collaboration Mediation Fulfillment HCM-F Software could allow an authenticated, remote attacker to gain read access to information that is stored on an affected system. To exploit this vulnerability, an attacker would need...
CVE-2020-3256 Cisco Hosted Collaboration Mediation Fulfillment XML External Expansion Vulnerability
A vulnerability in the web-based management interface of Cisco Hosted Collaboration Mediation Fulfillment HCM-F Software could allow an authenticated, remote attacker to gain read access to information that is stored on an affected system. To exploit this vulnerability, an attacker would need...
CVE-2020-3256
Cisco HCM-F (Hosted Collaboration Mediation Fulfillment) web-based management interface is affected by an XXE (XML External Entity) vulnerability. The issue arises during parsing of certain XML files, allowing an authenticated, remote attacker with administrative privileges to read local files an...
CVE-2016-6371
Directory traversal vulnerability in the web interface in Cisco Hosted Collaboration Mediation Fulfillment HCM-F 10.63 and earlier allows remote attackers to write to arbitrary files via a crafted URL, aka Bug ID CSCuz64717...
CVE-2016-6370
Directory traversal vulnerability in the web interface in Cisco Hosted Collaboration Mediation Fulfillment HCM-F 10.63 and earlier allows remote authenticated users to read arbitrary files via a crafted pathname in an HTTP request, aka Bug ID CSCuz27255...
Directory traversal
Directory traversal vulnerability in the web interface in Cisco Hosted Collaboration Mediation Fulfillment HCM-F 10.63 and earlier allows remote attackers to write to arbitrary files via a crafted URL, aka Bug ID CSCuz64717...
CVE-2016-6370
Directory traversal vulnerability in the web interface in Cisco Hosted Collaboration Mediation Fulfillment HCM-F 10.63 and earlier allows remote authenticated users to read arbitrary files via a crafted pathname in an HTTP request, aka Bug ID CSCuz27255...
CVE-2016-6371
Directory traversal vulnerability in the web interface in Cisco Hosted Collaboration Mediation Fulfillment HCM-F 10.63 and earlier allows remote attackers to write to arbitrary files via a crafted URL, aka Bug ID CSCuz64717...
CVE-2016-6371
CVE-2016-6371 describes a directory traversal flaw in Cisco Hosted Collaboration Mediation Fulfillment (HCM-F) web interface (vulnerable in 10.6(3) and earlier). The root cause is insufficient validation of the HTTP URL, enabling an unauthenticated, remote attacker to write arbitrary files via a ...
CVE-2016-6370
The CVE-2016-6370 issue affects Cisco Hosted Collaboration Mediation Fulfillment (HCM-F) up to version 10.6(3) and earlier. A vulnerability in the web interface permits a remote authenticated attacker to read arbitrary files by sending a crafted HTTP pathname, due to insufficient input validation...