Lucene search
+L
CiscoUnified Callmanager

18 matches found

CVE
CVE
added 2008/09/26 4:0 p.m.74 views

CVE-2008-3800

CVE-2008-3800 affects Cisco IOS 12.2–12.4 with VoIP and Cisco Unified Communications Manager 4.1–6.1. A DoS can be triggered by processing specific valid SIP messages, causing a reload of the device or main CCM process. The vulnerability is tied to Cisco bug CSCsu38644. Affected CUCM/IOS versions...

7.1CVSS6.4AI score0.0351EPSS
CVE
CVE
added 2008/09/26 4:0 p.m.66 views

CVE-2008-3801

CVE-2008-3801 affects Cisco IOS 12.2–12.4 and Cisco Unified Communications Manager (CUCM) 4.1–6.1 when VoIP is enabled. Affected SIP processing of valid SIP messages can cause the CCM/IOS DPS to reload, resulting in DoS (service disruption). Cisco advisories list fixed releases: CUCM 4.1(3)SR8, 4...

7.1CVSS6.4AI score0.03219EPSS
CVE
CVE
added 2007/04/02 11:0 p.m.62 views

CVE-2007-1826

CVE-2007-1826 affects Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 before 1.0(3). The issue is an unspecified vulnerability that lets remote attackers cause a denial of service (loss of cluster services) by sending a specific UDP packet to UD...

7.8CVSS6.6AI score0.01978EPSS
CVE
CVE
added 2008/01/17 2:0 a.m.62 views

CVE-2008-0027

CVE-2008-0027 corresponds to a heap overflow in Cisco Unified Communications Manager’s CTL Provider service (CTLProvider.exe). The flaw; occurs in CUCM 4.2 before 4.2(3)SR3 and 4.3 before 4.3(1)SR1, and in CallManager 4.0/4.1 before 4.1(3)SR5c; the CTL Provider listens on TCP port 2444 and proces...

10CVSS8AI score0.57108EPSS
CVE
CVE
added 2009/09/28 6:20 p.m.62 views

CVE-2009-2864

Cisco Unified Communications Manager (CUCM) versions affected: 5.x before 5.1(3g); 6.x before 6.1(4); 7.0.x before 7.0(2a)su1; 7.1.x before 7.1(2). Root cause is a denial-of-service in the SIP handling that can crash/restart the CM process when processing crafted SIP messages. CVSS base score in ...

7.8CVSS6.6AI score0.02945EPSS
CVE
CVE
added 2007/04/03 12:0 a.m.57 views

CVE-2007-1833

The CVE-2007-1833 issue affects Cisco Unified CallManager (CUCM) across multiple releases: 3.3 before 3.3(5)SR2a, 4.1 before 4.1(3)SR4, 4.2 before 4.2(3)SR1, and 5.0 before 5.0(4a)SU1. The Skinny Call Control Protocol (SCCP) implementation allows remote attackers to cause a denial of service (los...

5CVSS6.6AI score0.02354EPSS
CVE
CVE
added 2008/05/16 6:54 a.m.56 views

CVE-2008-1744

CVE-2008-1744 affects Cisco Unified Communications Manager (CUCM) CAPF (Certificate Authority Proxy Function) across CUCM 4.1/4.2/4.3 with specific SR updates. The CAPF service, normally TCP 3804 and disabled by default, may be abused by remote malformed network traffic to trigger a denial-of-ser...

7.8CVSS6.5AI score0.01179EPSS
CVE
CVE
added 2007/04/03 12:0 a.m.55 views

CVE-2007-1834

CVE-2007-1834 affects Cisco Unified CallManager (CUCM) 5.0 prior to 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 prior to 1.0(3). The vulnerability allows unauthenticated, remote attackers to cause a denial of service (loss of voice services) by sending a flood of ICMP echo requests. R...

7.8CVSS6.6AI score0.01916EPSS
CVE
CVE
added 2008/02/14 11:0 a.m.54 views

CVE-2008-0026

Cisco Unified CallManager/Communications Manager (CUCM) versions affected: 5.0/5.1 before 5.1(3a) and 6.0/6.1 before 6.1(1a). A SQL injection vulnerability exists in the key parameter of the admin and user interface pages, allowing an authenticated remote attacker to inject SQL commands. The atta...

6.5CVSS7.8AI score0.01925EPSS
Web
CVE
CVE
added 2007/10/18 12:0 a.m.53 views

CVE-2007-5538

CVE-2007-5538 describes a buffer overflow in the Centralized TFTP File Locator Service of Cisco Unified Communications Manager (CUCM) (formerly CallManager) 5.1 before 5.1(3) and Unified CallManager 5.0. The vulnerability occurs during processing of filenames, allowing remote attackers to execute...

10CVSS8.1AI score0.05531EPSS
CVE
CVE
added 2006/07/14 8:0 p.m.52 views

CVE-2006-3592

Cisco Unified CallManager (CUCM) 5.0(1)–5.0(3a) contains an unspecified CLI vulnerability (bug CSCse11005) that allows local users to execute arbitrary commands with elevated privileges via certain CLI commands. Affected component: CLI in CUCM. Root cause: unspecified vectors within the CLI comma...

4.6CVSS7.4AI score0.00811EPSS
CVE
CVE
added 2006/07/14 8:0 p.m.51 views

CVE-2006-3594

CVE-2006-3594 refers to a buffer overflow in Cisco Unified CallManager (CUCM) 5.0(1)–5.0(3a) that lets remote attackers execute arbitrary code via a long hostname in a SIP request (bug CSCsd96542). The issue affects CUCM and is ranked HIGH with CVSS v2 base score 7.5, vector AV:N/AC:L/Au:N/C:P/I:...

7.5CVSS7.9AI score0.03543EPSS
CVE
CVE
added 2006/10/26 5:0 p.m.49 views

CVE-2006-5553

Cisco Security Agent (CSA) for Linux is affected in 4.5 before 4.5.1.657 and 5.0 before 5.0.0.193, as deployed with Unified CallManager (CUCM) and Unified Presence Server (CUPS). The issue allows remote attackers to cause a denial of service (resource consumption) via a port scan with certain opt...

7.8CVSS6.7AI score0.03065EPSS
CVE
CVE
added 2015/03/28 1:0 a.m.49 views

CVE-2015-0680

Cisco Unified Call Manager (CM) 9.1(2.1000.28) is affected by an arbitrary file-read vulnerability caused by improper restriction of resource requests. An authenticated, remote attacker could read arbitrary files on the targeted device via unspecified vectors. This requires authentication, mitiga...

4CVSS6.5AI score0.01318EPSS
CVE
CVE
added 2007/07/15 9:0 p.m.48 views

CVE-2006-5277

CVE-2006-5277 affects Cisco Unified Communications Manager (CUCM) prior to 20070711, due to an off-by-one error in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) that can trigger a heap-based buffer overflow. The vulnerability could allow a remote attacker to execute arbitrar...

9.3CVSS7.7AI score0.09569EPSS
CVE
CVE
added 2006/07/14 8:0 p.m.46 views

CVE-2006-3593

CVE-2006-3593 affects Cisco Unified CallManager (CUCM) in versions 5.0(1) through 5.0(3a). The vulnerability enables local users to overwrite arbitrary files by redirecting a command’s output to a file or folder, described as bug CSCse31704. The connected documents confirm the affected product an...

4CVSS6.5AI score0.00993EPSS
CVE
CVE
added 2007/07/15 10:0 p.m.46 views

CVE-2006-5278

CVE-2006-5278 affects Cisco Unified Communications Manager (CUCM) RIS Data Collector (RisDC.exe). The issue is an integer overflow that can cause a heap-based buffer overflow when processing crafted packets, enabling remote code execution. Public references document the vulnerability as a pre-200...

10CVSS8AI score0.08884EPSS
CVE
CVE
added 2007/10/18 12:0 a.m.44 views

CVE-2007-5537

CVE-2007-5537 affects Cisco Unified Communications Manager (CUCM, former CallManager) 5.1 before 5.1(2) and Unified CallManager 5.0. The vulnerability allows remote attackers to cause a denial of service (kernel panic) by sending a flood of SIP INVITE messages to UDP port 5060, triggering resourc...

7.8CVSS6.7AI score0.01978EPSS