Lucene search
K
CiscoHosted Collaboration Mediation Fulfillment

8 matches found

CVE
CVE
added 2018/06/07 12:0 p.m.69 views

CVE-2017-6779

CVE-2017-6779 affects multiple Cisco VOS-based products (Emergency Responder, Finesse, UCM family, Unity Connection, UIC, SME, UCCx, MediaSense, Prime products, and related). Root cause: system log file has no maximum size limit, enabling an unauthenticated, remote attacker to cause high disk uti...

7.8CVSS7.5AI score0.01984EPSS
CVE
CVE
added 2020/09/23 12:25 a.m.66 views

CVE-2020-3124

Cisco HCM-F CSRF vulnerability (CVE-2020-3124) stems from insufficient CSRF protections in the web-based interface. An unauthenticated, remote attacker can persuade a user to click a malicious link, enabling arbitrary requests that could change a target user’s password and allow unauthorized acti...

6.5CVSS6.7AI score0.005EPSS
CVE
CVE
added 2021/05/06 12:41 p.m.66 views

CVE-2021-1478

CVE-2021-1478 affects Cisco Unified Communications Manager (Unified CM) and Unified CM Session Management Edition (Unified CM SME). The issue arises from an unsecured JMX TCP/IP port, permitting an authenticated, remote attacker over the network to restart the JMX process and cause a denial-of-se...

6.8CVSS5.5AI score0.01015EPSS
CVE
CVE
added 2016/09/12 10:0 a.m.56 views

CVE-2016-6371

CVE-2016-6371 describes a directory traversal flaw in Cisco Hosted Collaboration Mediation Fulfillment (HCM-F) web interface (vulnerable in 10.6(3) and earlier). The root cause is insufficient validation of the HTTP URL, enabling an unauthenticated, remote attacker to write arbitrary files via a ...

7.5CVSS7.5AI score0.04778EPSS
CVE
CVE
added 2016/09/12 10:0 a.m.53 views

CVE-2016-6370

The CVE-2016-6370 issue affects Cisco Hosted Collaboration Mediation Fulfillment (HCM-F) up to version 10.6(3) and earlier. A vulnerability in the web interface permits a remote authenticated attacker to read arbitrary files by sending a crafted HTTP pathname, due to insufficient input validation...

4.3CVSS4.3AI score0.02384EPSS
CVE
CVE
added 2018/10/05 2:0 p.m.51 views

CVE-2018-15401

The CVE-2018-15401 entry concerns Cisco Hosted Collaboration Mediation Fulfillment (HCM-F) with a vulnerability in its web-based management interface due to insufficient CSRF protections. A remote, unauthenticated attacker could coerce a logged-in user to perform arbitrary actions on the affected...

6.5CVSS6.7AI score0.005EPSS
CVE
CVE
added 2016/11/03 9:0 p.m.44 views

CVE-2016-6454

CVE-2016-6454 describes a CSRF vulnerability in the Cisco Hosted Collaboration Mediation Fulfillment (HCMF) web interface. An unauthenticated, remote attacker could coax a user into performing unintended actions within HCMF. Affected release: 11.5(1). Fixed release: 11.5(0.98000.216). The issue a...

6.5CVSS6.7AI score0.00496EPSS
CVE
CVE
added 2020/05/06 4:41 p.m.41 views

CVE-2020-3256

Cisco HCM-F (Hosted Collaboration Mediation Fulfillment) web-based management interface is affected by an XXE (XML External Entity) vulnerability. The issue arises during parsing of certain XML files, allowing an authenticated, remote attacker with administrative privileges to read local files an...

4.9CVSS4.9AI score0.01194EPSS