Lucene search

K
CiscoUnified Communications Manager Im And Presence Service9.1(1)

5 matches found

CVE
CVE
added 2015/08/01 1:59 a.m.52 views

CVE-2015-4294

Cross-site scripting (XSS) vulnerability in Cisco IM and Presence Service before 10.5 MR1 allows remote attackers to inject arbitrary web script or HTML by constructing a crafted URL that leverages incomplete filtering of HTML elements, aka Bug ID CSCut41766.

4.3CVSS5.9AI score0.00263EPSS
CVE
CVE
added 2015/06/26 10:59 a.m.48 views

CVE-2015-4221

Cisco Unified Communications Manager IM and Presence Service 9.1(1) does not properly restrict access to encrypted passwords, which allows remote attackers to determine cleartext passwords, and consequently execute arbitrary commands, by visiting an unspecified web page and then conducting a decryp...

4CVSS7.6AI score0.00155EPSS
CVE
CVE
added 2015/06/26 10:59 a.m.38 views

CVE-2015-4222

SQL injection vulnerability in Cisco Unified Communications Manager IM and Presence Service 9.1(1) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuq46325.

6.5CVSS8.2AI score0.00495EPSS
CVE
CVE
added 2016/08/08 12:59 a.m.38 views

CVE-2016-1466

Cisco Unified Communications Manager IM and Presence Service 9.1(1) SU6, 9.1(1) SU6a, 9.1(1) SU7, 10.5(2) SU2, 10.5(2) SU2a, 11.0(1) SU1, and 11.5(1) allows remote attackers to cause a denial of service (sipd process restart) via crafted headers in a SIP packet, aka Bug ID CSCva39072.

7.8CVSS7.3AI score0.01338EPSS
CVE
CVE
added 2014/11/21 2:59 a.m.37 views

CVE-2014-8000

Cisco Unified Communications Manager IM and Presence Service 9.1(1) produces different returned messages for URL requests depending on whether a username exists, which allows remote attackers to enumerate user accounts via a series of requests, aka Bug ID CSCur63497.

5CVSS6.9AI score0.00735EPSS