Unified Communications Manager Im And Presence Service@9.1(1) Security Vulnerabilities and Issues — Unified Communications Manager Im And Presence Service@9.1(1) CVE List

Lucene search

CiscoUnified Communications Manager Im And Presence Service9.1(1)

3 matches found

CVE•added 2015/08/01 1:59 a.m.•52 views

CVE-2015-4294

Cross-site scripting (XSS) vulnerability in Cisco IM and Presence Service before 10.5 MR1 allows remote attackers to inject arbitrary web script or HTML by constructing a crafted URL that leverages incomplete filtering of HTML elements, aka Bug ID CSCut41766.

4.3CVSS5.9AI score0.00263EPSS

CVE•added 2015/06/26 10:59 a.m.•48 views

CVE-2015-4221

Cisco Unified Communications Manager IM and Presence Service 9.1(1) does not properly restrict access to encrypted passwords, which allows remote attackers to determine cleartext passwords, and consequently execute arbitrary commands, by visiting an unspecified web page and then conducting a decryp...

4CVSS7.6AI score0.00155EPSS

CVE•added 2015/06/26 10:59 a.m.•38 views

CVE-2015-4222

SQL injection vulnerability in Cisco Unified Communications Manager IM and Presence Service 9.1(1) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuq46325.

6.5CVSS8.2AI score0.00495EPSS