13 matches found
CVE-2016-1354
Cross-site scripting XSS vulnerability in Cisco Unified Communications Domain Manager UCDM 8.x before 8.1.1 allows remote attackers to inject arbitrary web script or HTML via crafted markup data, aka Bug ID CSCud41176...
Cross site scripting
Cross-site scripting XSS vulnerability in Cisco Unified Communications Domain Manager UCDM 8.x before 8.1.1 allows remote attackers to inject arbitrary web script or HTML via crafted markup data, aka Bug ID CSCud41176...
CVE-2016-1354
CVE-2016-1354 affects Cisco Unified Communications Domain Manager (UCDM/UCDM) versions 8.x before 8.1.1. The vulnerability is a cross-site scripting (XSS) flaw in the web framework triggered by crafted markup data, due to insufficient input validation. Multiple sources (NVD, CVE listings, CNVD, C...
Cisco UCDM Platform Ships With Default, Static Password for Root Account
A week after admitting that several of its security appliances ship with static SSH keys, Cisco warned customers on Wednesday that its Unified Communications Domain Manager platform has a default, static password for an account that carries root privileges. The vulnerability affects versions of t...
Cisco Unified Communications Domain Manager Information Disclosure Vulnerability
Cisco Unified Communications Domain Manager UCDM is the United States Cisco Cisco company developed a dedicated call processing components in the unified communications solution. The component has scalable, distributable, and highly available enterprise voice-over-IP call processing capabilities....
Cisco Unified Communications Domain Manager Administrative Interface Denial of Service Vulnerability
A vulnerability in Cisco Unified Communication Domain Manager UCDM Application Software version 10 could allow an unauthenticated, remote attacker to cause the web server to become unresponsive. As a result, connections to the Cisco UCDM GUI will not be possible during the attack. The vulnerabili...
CVE-2015-0591
Cisco Unified Communications Domain Manager UCDM 10 allows remote attackers to cause a denial of service daemon hang and GUI outage via a flood of malformed TCP packets, aka Bug ID CSCur44177...
CVE-2015-0588
Cross-site request forgery CSRF vulnerability in Cisco Unified Communications Domain Manager UCDM 10 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuo77055...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in Cisco Unified Communications Domain Manager UCDM 10 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuo77055...
Code injection
Cisco Unified Communications Domain Manager UCDM 10 allows remote attackers to cause a denial of service daemon hang and GUI outage via a flood of malformed TCP packets, aka Bug ID CSCur44177...
CVE-2015-0591
Cisco Unified Communications Domain Manager UCDM 10 allows remote attackers to cause a denial of service daemon hang and GUI outage via a flood of malformed TCP packets, aka Bug ID CSCur44177...
CVE-2015-0588
Cisco Unified Communications Domain Manager (UCDM) version 10 contains a CSRF vulnerability (Bug ID CSCuo77055) that could allow an unauthenticated, remote attacker to hijack the authentication of arbitrary users. The issue arises from insufficient CSRF protections in the web framework, enabling ...
CVE-2015-0591
Cisco UC Domain Manager (UCDM) Application Software 10 is affected by CVE-2015-0591. A remote, unauthenticated attacker can cause a denial of service by sending a flood of malformed TCP packets to the web server, exploiting insufficient flood-control. Impact is that the UCDM GUI becomes unavailab...