Emergency Responder@* Security Vulnerabilities and Issues — Emergency Responder@* CVE List

Lucene search

CiscoEmergency Responder*

10 matches found

CVE•added 2021/12/10 10:15 a.m.•5645 views

CVE-2021-44228

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message ...

10CVSS10AI score0.94358EPSS

CVE•added 2020/09/23 1:15 a.m.•70 views

CVE-2019-16025

A vulnerability in the web framework of Cisco Emergency Responder could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to insufficient validation of some parameters that are passed...

5.5CVSS5.1AI score0.00156EPSS

CVE•added 2021/01/13 10:15 p.m.•58 views

CVE-2021-1226

A vulnerability in the audit logging component of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, Cisco Unity Connection, Cisco Emergency Responder, and Cisco Prime License Manager cou...

6.5CVSS5.2AI score0.00225EPSS

CVE•added 2024/04/03 5:15 p.m.•56 views

CVE-2024-20352

A vulnerability in Cisco Emergency Responder could allow an authenticated, remote attacker to conduct a directory traversal attack, which could allow the attacker to perform arbitrary actions on an affected device. This vulnerability is due to insufficient protections for the web UI of an affected ...

8.8CVSS7.2AI score0.0019EPSS

CVE•added 2018/06/07 12:29 p.m.•54 views

CVE-2017-6779

Multiple Cisco products are affected by a vulnerability in local file management for certain system log files of Cisco collaboration products that could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition. The vulnerability occu...

7.8CVSS7.5AI score0.00942EPSS

CVE•added 2024/04/03 5:15 p.m.•47 views

CVE-2024-20347

A vulnerability in Cisco Emergency Responder could allow an unauthenticated, remote attacker to conduct a CSRF attack, which could allow the attacker to perform arbitrary actions on an affected device. This vulnerability is due to insufficient protections for the web UI of an affected system. An at...

6.5CVSS7.1AI score0.00164EPSS

CVE•added 2014/04/04 3:10 p.m.•35 views

CVE-2014-2116

Cisco Emergency Responder (ER) 8.6 and earlier allows remote attackers to inject web pages and modify dynamic content via unspecified parameters, aka Bug ID CSCun37882.

4.3CVSS6.9AI score0.00377EPSS

CVE•added 2014/04/04 3:10 p.m.•34 views

CVE-2014-2117

Multiple open redirect vulnerabilities in Cisco Emergency Responder (ER) 8.6 and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified parameters, aka Bug ID CSCun37909.

4.3CVSS7.1AI score0.00377EPSS

CVE•added 2014/04/04 3:10 p.m.•32 views

CVE-2014-2114

Cross-site scripting (XSS) vulnerability in UserServlet in Cisco Emergency Responder (ER) 8.6 and earlier allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCun24384.

4.3CVSS5.9AI score0.00277EPSS

CVE•added 2014/04/04 3:10 p.m.•30 views

CVE-2014-2115

Multiple cross-site request forgery (CSRF) vulnerabilities in CERUserServlet pages in Cisco Emergency Responder (ER) 8.6 and earlier allow remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCun24250.

6.8CVSS7.5AI score0.00142EPSS