CVE-2017-3798

A cross-site scripting (XSS) filter bypass vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to mount XSS attacks against a user of an affected device. More Information: CSCvb97237. Known Affected Releases: 11...

CVE-2017-3808

A vulnerability in the Session Initiation Protocol (SIP) UDP throttling process of Cisco Unified Communications Manager (Cisco Unified CM) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient rat...