Unified Communications Domain Manager Security Vulnerabilities and Issues — Unified Communications Domain Manager CVE List

Lucene search

CiscoUnified Communications Domain Manager

10 matches found

CVE•added 2018/08/15 8:29 p.m.•54 views

CVE-2018-0386

A vulnerability in Cisco Unified Communications Domain Manager Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack on an affected system. The vulnerability is due to improper validation of input that is passed to the affected software. An attacker...

6.1CVSS6.1AI score0.00305EPSS

CVE•added 2016/03/03 3:59 p.m.•49 views

CVE-2016-1354

Cross-site scripting (XSS) vulnerability in Cisco Unified Communications Domain Manager (UCDM) 8.x before 8.1.1 allows remote attackers to inject arbitrary web script or HTML via crafted markup data, aka Bug ID CSCud41176.

6.1CVSS6AI score0.0025EPSS

CVE•added 2013/07/11 10:55 p.m.•40 views

CVE-2013-3418

Cisco Unified Communications Domain Manager does not properly allocate memory for GET and POST requests, which allows remote authenticated users to cause a denial of service (memory consumption and process crash) via crafted requests to the management interface, aka Bug ID CSCud22922.

6.8CVSS6.5AI score0.00363EPSS

CVE•added 2014/08/12 11:55 p.m.•40 views

CVE-2014-3339

Multiple SQL injection vulnerabilities in the administrative web interface in Cisco Unified Communications Manager (CM) and Cisco Unified Presence Server (CUPS) allow remote authenticated users to execute arbitrary SQL commands via crafted input to unspecified pages, aka Bug ID CSCup74290.

6.5CVSS8.3AI score0.00378EPSS

CVE•added 2015/04/03 10:59 a.m.•40 views

CVE-2015-0682

Cisco Unified Communications Domain Manager 8.1(4) allows remote authenticated users to execute arbitrary code by visiting a "deprecated page," aka Bug ID CSCup90168.

6.5CVSS7.5AI score0.01218EPSS

CVE•added 2014/08/12 10:55 p.m.•39 views

CVE-2014-3337

The SIP implementation in Cisco Unified Communications Manager (CM) 8.6(.2) and earlier allows remote authenticated users to cause a denial of service (process crash) via a crafted SIP message that is not properly handled during processing of an XML document, aka Bug ID CSCtq76428.

6.8CVSS6.4AI score0.0247EPSS

CVE•added 2015/04/03 10:59 a.m.•38 views

CVE-2015-0684

SQL injection vulnerability in the Image Management component in Cisco Unified Communications Domain Manager 8.1(4) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuq52515.

6.5CVSS8.2AI score0.00311EPSS

CVE•added 2017/06/13 6:29 a.m.•38 views

CVE-2017-6670

A vulnerability in the web-based GUI of Cisco Unified Communications Domain Manager could allow an unauthenticated, remote attacker to redirect a user to a malicious web page, aka an Open Redirect issue. More Information: CSCvc54813. Known Affected Releases: 8.1(7)ER1.

6.1CVSS6.3AI score0.00255EPSS

CVE•added 2015/01/15 10:59 p.m.•35 views

CVE-2015-0588

Cross-site request forgery (CSRF) vulnerability in Cisco Unified Communications Domain Manager (UCDM) 10 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuo77055.

6.8CVSS7.4AI score0.00172EPSS

CVE•added 2014/12/10 9:59 p.m.•34 views

CVE-2014-8010

The web framework in Cisco Unified Communications Domain Manager 8 allows remote authenticated administrators to execute arbitrary OS commands via crafted values, aka Bug ID CSCuq50205.

6.5CVSS7.4AI score0.0036EPSS