EUVD-2021-6749

Malicious code in bioql PyPI...

Cisco Unified Communications Manager IM & Presence File Read Vulnerability (isco-sa-cucm-imp-afr-YBFLNyzd)

The version of Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P installed on the remote host is prior to 14SU2. It is, therefore, affected by a file read vulnerability. Due to insufficient file permissions, an authenticated remote attacker could read arbitrary files on t...

Cisco Unified Communications Products Vulnerabilities (cisco-sa-imp-trav-inj-dM687ZD6)

According to its self-reported version, multiple vulnerabilities in Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P could allow an attacker to conduct path traversal attacks and SQL injection attacks on an affected system. One of the SQL injection vulnerabilities that...

CVE-2021-1355

Cisco Unified Communications Manager IM&P is affected by multiple vulnerabilities enabling path traversal and SQL injection. The SQL injection issue also affects Unified CM and Unified CM SME. Root cause involves input handling flaws in affected components. Impact is partial confidentiality loss ...

CVE-2021-1357 Cisco Unified Communications Products Vulnerabilities

Multiple vulnerabilities in Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P could allow an attacker to conduct path traversal attacks and SQL injection attacks on an affected system. One of the SQL injection vulnerabilities that affects Unified CM IM&P also affects Cisc...

CVE-2021-1357

CVE-2021-1357 concerns multiple input-validation weaknesses in Cisco Unified Communications Manager IM&P, with a broader impact affecting Unified CM and Unified CM SME. The advisory describes path-traversal and SQL injection vulnerabilities in Unified CM IM&P, which may allow an attacker to acces...