Call Manager@4.1 Security Vulnerabilities and Issues — Call Manager@4.1 CVE List

Lucene search

CiscoCall Manager4.1

7 matches found

CVE•added 2007/08/31 11:17 p.m.•45 views

CVE-2007-4633

Multiple cross-site scripting (XSS) vulnerabilities in Cisco CallManager and Unified Communications Manager (CUCM) before 3.3(5)sr2b, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allow remote attackers to inject arbitrary web script or HTML via the lang variable to the (1) u...

4.3CVSS5.8AI score0.00516EPSS

CVE•added 2005/07/12 4:0 a.m.•41 views

CVE-2005-2243

Memory leak in inetinfo.exe in Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before 4.0(2a)SR2b, and 4.1 4.1 before 4.1(3)SR1, when Multi Level Admin (MLA) is enabled, allows remote attackers to cause a denial of service (memory consumption) via a large number of Admin Service Too...

5CVSS6.6AI score0.00655EPSS

CVE•added 2007/05/24 2:30 a.m.•40 views

CVE-2007-2832

Cross-site scripting (XSS) vulnerability in the web application firewall in Cisco CallManager before 3.3(5)sr3, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allows remote attackers to inject arbitrary web script or HTML via the pattern parameter to CCMAdmin/serverlist.asp (a...

4.3CVSS5.8AI score0.17846EPSS

CVE•added 2007/08/31 11:17 p.m.•40 views

CVE-2007-4634

Multiple SQL injection vulnerabilities in Cisco CallManager and Unified Communications Manager (CUCM) before 3.3(5)sr2b, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allow remote attackers to execute arbitrary SQL commands via the lang variable to the (1) user or (2) admin l...

9.3CVSS8.5AI score0.01774EPSS

CVE•added 2005/07/12 4:0 a.m.•39 views

CVE-2005-2241

Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before 4.0(2a)SR2b, and 4.1 4.1 before 4.1(3)SR1 does not quickly time out Realtime Information Server Data Collection (RISDC) sockets, which results in a "resource leak" that allows remote attackers to cause a denial of service (memor...

5CVSS6.6AI score0.00655EPSS

CVE•added 2006/06/21 1:2 a.m.•37 views

CVE-2006-3109

Cross-site scripting (XSS) vulnerability in Cisco CallManager 3.3 before 3.3(5)SR3, 4.1 before 4.1(3)SR4, 4.2 before 4.2(3), and 4.3 before 4.3(1), allows remote attackers to inject arbitrary web script or HTML via the (1) pattern parameter in ccmadmin/phonelist.asp and (2) arbitrary parameters in ...

4.3CVSS5.7AI score0.07389EPSS

CVE•added 2005/07/12 4:0 a.m.•34 views

CVE-2005-2244

The aupair service (aupair.exe) in Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before 4.0(2a)SR2b, and 4.1 4.1 before 4.1(3)SR1 allows remote attackers to execute arbitrary code or corrupt memory via crafted packets that trigger a memory allocation failure and lead to a buffer o...

5CVSS7.9AI score0.01384EPSS