Unified Communications Manager@12.0(1.10000.10) Security Vulnerabilities and Issues — Unified Communications Manager@12.0(1.10000.10) CVE List

Lucene search

CiscoUnified Communications Manager12.0(1.10000.10)

7 matches found

CVE•added 2018/08/01 8:29 p.m.•72 views

CVE-2018-0411

A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due...

6.1CVSS5.9AI score0.00382EPSS

CVE•added 2018/06/07 9:29 p.m.•63 views

CVE-2018-0355

A vulnerability in the web UI of Cisco Unified Communications Manager (Unified CM) could allow an unauthenticated, remote attacker to conduct a cross-frame scripting (XFS) attack against the user of the web UI of an affected system. The vulnerability is due to insufficient protections for HTML inli...

6.1CVSS6.1AI score0.00304EPSS

CVE•added 2018/04/19 8:29 p.m.•60 views

CVE-2018-0267

A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenticated, local attacker to view sensitive data that should be restricted. This could include LDAP credentials. The vulnerability is due to insufficient protection of database tables over the web interf...

6.5CVSS6.2AI score0.00067EPSS

CVE•added 2018/05/17 3:29 a.m.•55 views

CVE-2018-0328

A vulnerability in the web framework of Cisco Unified Communications Manager and Cisco Unified Presence could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. The vulnerability is due to insufficient ...

6.1CVSS6AI score0.00251EPSS

CVE•added 2018/06/07 9:29 p.m.•53 views

CVE-2018-0340

A vulnerability in the web framework of the Cisco Unified Communications Manager (Unified CM) software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of the affected system. The vulnerability is due to insufficient ...

5.4CVSS5.3AI score0.00235EPSS

CVE•added 2018/10/05 2:29 p.m.•46 views

CVE-2018-15403

A vulnerability in the web interface of Cisco Emergency Responder, Cisco Unified Communications Manager, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could allow an authenticated, remote attacker to redirect a user to a malicious web page. The vulnerability...

5.4CVSS5.3AI score0.00188EPSS

CVE•added 2018/04/19 8:29 p.m.•43 views

CVE-2018-0266

A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenticated, remote attacker to view sensitive data. The vulnerability is due to insufficient protection of database tables over the web interface. An attacker could exploit this vulnerability by browsing ...

4.3CVSS4.5AI score0.00157EPSS