Unified Communications Manager@* Security Vulnerabilities and Issues — Unified Communications Manager@* CVE List

Lucene search

CiscoUnified Communications Manager*

14 matches found

CVE•added 2021/12/10 10:15 a.m.•5637 views

CVE-2021-44228

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message ...

10CVSS10AI score0.94358EPSS

CVE•added 2021/04/08 4:15 a.m.•120 views

CVE-2021-1362

A vulnerability in the SOAP API endpoint of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, Cisco Unity Connection, and Cisco Prime License Manager could allow an authenticated, remote...

9CVSS8.8AI score0.0233EPSS

CVE•added 2021/04/08 4:15 a.m.•92 views

CVE-2021-1380

Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), and Cisco Unity Connec...

6.1CVSS6.1AI score0.00346EPSS

CVE•added 2021/04/08 4:15 a.m.•81 views

CVE-2021-1408

6.1CVSS6.1AI score0.00339EPSS

CVE•added 2021/04/08 4:15 a.m.•74 views

CVE-2021-1409

6.1CVSS6.1AI score0.00346EPSS

CVE•added 2021/04/08 4:15 a.m.•72 views

CVE-2021-1399

A vulnerability in the Self Care Portal of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to modify data on an affected system without proper authorization. The vuln...

4.3CVSS4.4AI score0.00072EPSS

CVE•added 2021/04/08 4:15 a.m.•66 views

CVE-2021-1407

6.1CVSS6.1AI score0.00339EPSS

CVE•added 2021/01/20 8:15 p.m.•62 views

CVE-2021-1282

Multiple vulnerabilities in Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an attacker to conduct path traversal attacks and SQL injection attacks on an affected system. One of the SQL injection vulnerabilities that affects Unified CM IM&P also affects Cisc...

6.5CVSS6.3AI score0.00309EPSS

CVE•added 2021/01/13 10:15 p.m.•58 views

CVE-2021-1226

A vulnerability in the audit logging component of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, Cisco Unity Connection, Cisco Emergency Responder, and Cisco Prime License Manager cou...

6.5CVSS5.2AI score0.00225EPSS

CVE•added 2021/01/20 8:15 p.m.•57 views

CVE-2021-1355

6.5CVSS6.9AI score0.004EPSS

CVE•added 2021/05/06 1:15 p.m.•51 views

CVE-2021-1478

A vulnerability in the Java Management Extensions (JMX) component of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on a...

6.8CVSS5.5AI score0.00239EPSS

CVE•added 2021/01/20 8:15 p.m.•49 views

CVE-2021-1364

6.5CVSS6.3AI score0.00309EPSS

CVE•added 2021/01/20 8:15 p.m.•46 views

CVE-2021-1357

6.5CVSS6.9AI score0.0036EPSS

CVE•added 2021/11/04 4:15 p.m.•42 views

CVE-2021-34701

A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), and Cisco Unity Connection coul...

4.3CVSS4.4AI score0.0009EPSS