20 matches found
voss-indonesia.com Improper Access Control vulnerability OBB-2465160
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2016-2783
Avaya Fabric Connect Virtual Services Platform VSP Operating System Software VOSS before 4.2.3.0 and 5.x before 5.0.1.0 does not properly handle VLAN and I-SIS indexes, which allows remote attackers to obtain unauthorized access via crafted Ethernet frames...
Viproy v2.0 - VoIP Penetration Testing and Exploitation Kit
Viproy Voip Pen-Test Kit provides penetration testing modules for VoIP networks. It supports signalling analysis for SIP and Skinny protocols, IP phone services and network infrastructure. Viproy 2.0 is released at Blackhat Arsenal USA 2014 with TCP/TLS support for SIP, vendor extentions support,...
Improper access control
The web framework in VOSS in Cisco Unified Communications Domain Manager CDM does not properly implement access control, which allows remote attackers to enumerate accounts by visiting an unspecified BVSMWeb web page, aka Bug IDs CSCun39619 and CSCun45572...
Improper access control
The web framework in VOSS in Cisco Unified Communications Domain Manager CDM does not properly implement access control, which allows remote attackers to obtain potentially sensitive user information by visiting an unspecified BVSMWeb web page, aka Bug IDs CSCun46071 and CSCun46101...
CVE-2014-3281
CVE-2014-3281 affects Cisco’s VOSS web framework in the Unified Communications Domain Manager (CDM). The issue is an improper access control vulnerability that could allow remote attackers to view potentially sensitive user information by accessing an unspecified BVSMWeb page (Bug IDs CSCun46071/...
CVE-2014-3280
The web framework in VOSS in Cisco Unified Communications Domain Manager CDM 9.0.1 and earlier does not properly implement access control, which allows remote authenticated users to obtain potentially sensitive user information by visiting an unspecified Administration GUI web page, aka Bug IDs...
CVE-2014-3280
CVE-2014-3280 affects Cisco VOSS CDM (Cisco Unified Communications Domain Manager) versions 9.0(.1) and earlier. The issue is an improper access-control enforcement in the web framework, allowing remote authenticated users to access potentially sensitive user information by visiting an unspecifie...
CVE-2014-3279
The Administration GUI in the web framework in VOSS in Cisco Unified Communications Domain Manager CDM 9.0.1 and earlier does not properly implement access control, which allows remote attackers to enumerate account names via a crafted URL, aka Bug IDs CSCun39631 and CSCun39643...
Improper access control
The Administration GUI in the web framework in VOSS in Cisco Unified Communications Domain Manager CDM 9.0.1 and earlier does not properly implement access control, which allows remote authenticated users to obtain sensitive number-translation information by leveraging Location Administrator...
Improper access control
The Administration GUI in the web framework in VOSS in Cisco Unified Communications Domain Manager CDM 9.0.1 and earlier does not properly implement access control, which allows remote authenticated users to obtain sensitive user and group information by leveraging Location Administrator privileg...
Improper access control
The Administration GUI in the web framework in VOSS in Cisco Unified Communications Domain Manager CDM 9.0.1 and earlier does not properly implement access control, which allows remote attackers to enumerate account names via a crafted URL, aka Bug IDs CSCun39631 and CSCun39643...
Open redirect
Open redirect vulnerability in Self-Care Client Portal applications in the web framework in VOSS in Cisco Unified Communications Domain Manager CDM 9.0.1 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL, aka Bug ID...
CVE-2014-3277
CVE-2014-3277 concerns Cisco Unified Communications Domain Manager (CDM) using Cisco VOSS. The issue is improper access control in the CDM Admin GUI (web framework) for version 9.0(.1) and earlier, allowing remote authenticated users with Location Administrator privileges to obtain sensitive user...
CVE-2014-3282
CVE-2014-3282 affects the Cisco Unified Communications Domain Manager (CDM) with VOSS, specifically the Administration GUI in the web framework of CDM 9.0(.1) and earlier. The root cause is an improper access-control implementation in the Admin GUI, allowing remote authenticated users with Locati...
CVE-2014-3279
The Administration GUI in the web framework in VOSS in Cisco Unified Communications Domain Manager CDM 9.0.1 and earlier does not properly implement access control, which allows remote attackers to enumerate account names via a crafted URL, aka Bug IDs CSCun39631 and CSCun39643...
CVE-2014-3283
CVE-2014-3283 describes an open redirect vulnerability in the Self‑Care Client Portal web framework of Cisco VOSS CDM (Cisco Unified Communications Domain Manager) 9.0(.1) and earlier. A crafted URL can redirect users to arbitrary sites, enabling phishing. The documents confirm the affected produ...
CVE-2014-3283
Open redirect vulnerability in Self-Care Client Portal applications in the web framework in VOSS in Cisco Unified Communications Domain Manager CDM 9.0.1 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL, aka Bug ID...
Cisco Unity Connection Version
Cisco Unity Connection was found. TRUSTED...
DSA-2119-1 poppler - several vulnerabilities
Bulletin has no description...