3 matches found
Cisco Unified Communications Manager SQL Injection Vulnerability
A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This...
Cisco Unified Communications Products Cross-Site Request Forgery Vulnerability
A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM, Cisco Unified Communications Manager Session Management Edition Unified CM SME, and Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P could allow an unauthenticated,...
Cisco Unified Communications Manager Cross-Site Request Forgery (XSRF) Vulnerability (cisco-sa-20191002-cucm-csrf)
According to its self-reported version, Cisco Unified Communications Manager is affected by a cross-site request forgery XSRF vulnerability exists in its web application interface component due to insufficient XSRF protections. A remote attacker can exploit this by tricking a user into visiting a...