Unified Communications Domain Manager Security Vulnerabilities and Issues — Unified Communications Domain Manager CVE List

Lucene search

CiscoUnified Communications Domain Manager

11 matches found

CVE•added 2015/06/30 10:59 a.m.•54 views

CVE-2015-4229

The web framework in Cisco Unified Communications Domain Manager 8.1(4)ER1 allows remote attackers to obtain sensitive information by visiting a bvsmweb URL, aka Bug ID CSCuq22589.

5CVSS6.3AI score0.00428EPSS

CVE•added 2015/04/15 10:59 a.m.•45 views

CVE-2015-0699

SQL injection vulnerability in the Interactive Voice Response (IVR) component in Cisco Unified Communications Manager (UCM) 10.5(1.98991.13) allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCut21563.

5CVSS8.7AI score0.00235EPSS

CVE•added 2015/07/04 10:59 a.m.•42 views

CVE-2015-4196

Platform Software before 4.4.5 in Cisco Unified Communications Domain Manager (CDM) 8.x has a hardcoded password for a privileged account, which allows remote attackers to obtain root access by leveraging knowledge of this password and entering it in an SSH session, aka Bug ID CSCuq45546.

5CVSS7AI score0.00241EPSS

CVE•added 2015/01/10 2:59 a.m.•40 views

CVE-2014-8020

Cisco Unified Communication Domain Manager Platform Software allows remote attackers to cause a denial of service (CPU consumption, and performance degradation or service outage) via a flood of malformed TCP packets and UDP packets, aka Bug ID CSCup25276.

5CVSS6.9AI score0.00734EPSS

CVE•added 2015/04/03 10:59 a.m.•40 views

CVE-2015-0682

Cisco Unified Communications Domain Manager 8.1(4) allows remote authenticated users to execute arbitrary code by visiting a "deprecated page," aka Bug ID CSCup90168.

6.5CVSS7.5AI score0.01218EPSS

CVE•added 2015/04/03 10:59 a.m.•38 views

CVE-2015-0684

SQL injection vulnerability in the Image Management component in Cisco Unified Communications Domain Manager 8.1(4) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuq52515.

6.5CVSS8.2AI score0.00311EPSS

CVE•added 2015/01/15 10:59 p.m.•37 views

CVE-2015-0591

Cisco Unified Communications Domain Manager (UCDM) 10 allows remote attackers to cause a denial of service (daemon hang and GUI outage) via a flood of malformed TCP packets, aka Bug ID CSCur44177.

5CVSS6.8AI score0.00853EPSS

CVE•added 2015/01/15 10:59 p.m.•35 views

CVE-2015-0588

Cross-site request forgery (CSRF) vulnerability in Cisco Unified Communications Domain Manager (UCDM) 10 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuo77055.

6.8CVSS7.4AI score0.00172EPSS

CVE•added 2015/12/14 3:59 a.m.•35 views

CVE-2015-6422

The self-service application in Cisco Unified Communications Domain Manager (CUCDM) 10.6(1) allows remote authenticated users to cause a denial of service (subapplication outage) via malformed requests, aka Bug ID CSCuu10981.

4CVSS6.4AI score0.00455EPSS

CVE•added 2015/04/03 10:59 a.m.•34 views

CVE-2015-0683

Cisco Unified Communications Domain Manager 8.1(4) allows remote authenticated users to obtain sensitive information via a file-inclusion attack, aka Bug ID CSCup94744.

4CVSS5.9AI score0.00176EPSS

CVE•added 2015/10/30 10:59 a.m.•33 views

CVE-2015-6352

Cisco Unified Communications Domain Manager before 10.6(1) provides different error messages for pathname access attempts depending on whether the pathname exists, which allows remote attackers to map a filesystem via a series of requests, aka Bug ID CSCut67891.

4.3CVSS6.9AI score0.00283EPSS