Unified Communications Manager@5.1(1) Security Vulnerabilities and Issues — Unified Communications Manager@5.1(1) CVE List

Lucene search

CiscoUnified Communications Manager5.1(1)

10 matches found

CVE•added 2009/03/12 3:20 p.m.•53 views

CVE-2009-0632

The IP Phone Personal Address Book (PAB) Synchronizer feature in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.1, 4.2 before 4.2(3)SR4b, 4.3 before 4.3(2)SR1b, 5.x before 5.1(3e), 6.x before 6.1(3), and 7.0 before 7.0(2) sends privileged directory-service account credentia...

9CVSS6.6AI score0.01474EPSS

CVE•added 2013/08/22 10:55 p.m.•49 views

CVE-2013-3453

Memory leak in Cisco Unified Communications Manager IM and Presence Service before 8.6(5)SU1 and 9.x before 9.1(2), and Cisco Unified Presence, allows remote attackers to cause a denial of service (memory and CPU consumption) by making many TCP connections to port (1) 5060 or (2) 5061, aka Bug ID C...

7.8CVSS6.8AI score0.00427EPSS

CVE•added 2013/11/18 3:55 a.m.•49 views

CVE-2013-6689

Cisco Unified Communications Manager (Unified CM) 9.1(1) and earlier allows local users to bypass file permissions, and read, modify, or create arbitrary files, via an "overload" of the command-line utility, aka Bug ID CSCui58229.

6.9CVSS6.7AI score0.00056EPSS

CVE•added 2013/11/18 3:55 a.m.•46 views

CVE-2013-6688

Directory traversal vulnerability in the license-upload interface in the Enterprise License Manager (ELM) component in Cisco Unified Communications Manager 9.1(1) and earlier allows remote authenticated users to create arbitrary files via a crafted path, aka Bug ID CSCui58222.

6.3CVSS6.4AI score0.00387EPSS

CVE•added 2007/07/15 10:30 p.m.•42 views

CVE-2007-3776

Cisco Unified Communications Manager (CUCM, formerly CallManager) and Unified Presence Server (CUPS) allow remote attackers to obtain sensitive information via unspecified vectors that reveal the SNMP community strings and configuration settings, aka (1) CSCsj20668 and (2) CSCsj25962.

5CVSS6.2AI score0.00516EPSS

CVE•added 2011/10/27 9:55 p.m.•41 views

CVE-2011-3315

Directory traversal vulnerability in Cisco Unified Communications Manager (CUCM) 5.x and 6.x before 6.1(5)SU2, 7.x before 7.1(5b)SU2, and 8.x before 8.0(3), and Cisco Unified Contact Center Express (aka Unified CCX or UCCX) and Cisco Unified IP Interactive Voice Response (Unified IP-IVR) before 6.0...

7.8CVSS6.5AI score0.57432EPSS

CVE•added 2009/01/22 6:30 p.m.•39 views

CVE-2009-0057

The Certificate Authority Proxy Function (CAPF) service in Cisco Unified Communications Manager 5.x before 5.1(3e) and 6.x before 6.1(3) allows remote attackers to cause a denial of service (voice service outage) by sending malformed input over a TCP session in which the "client terminates prematur...

4.3CVSS6.7AI score0.00529EPSS

CVE•added 2007/07/15 10:30 p.m.•38 views

CVE-2007-3775

Unspecified vulnerability in Cisco Unified Communications Manager (CUCM, formerly CallManager) and Unified Presence Server (CUPS) allows remote attackers to cause a denial of service (loss of cluster services) via unspecified vectors, aka (1) CSCsj09859 and (2) CSCsj19985.

7.8CVSS6.7AI score0.01482EPSS

CVE•added 2014/01/08 9:55 p.m.•38 views

CVE-2014-0657

The administration portal in Cisco Unified Communications Manager (Unified CM) 9.1(1) and earlier does not properly handle role restrictions, which allows remote authenticated users to bypass role-based access control via multiple visits to a forbidden portal URL, aka Bug ID CSCuj83540.

4CVSS6.5AI score0.00445EPSS

CVE•added 2013/12/21 2:22 p.m.•30 views

CVE-2013-6978

The disaster recovery system (DRS) component in Cisco Unified Communications Manager (UCM) 9.1(1) and earlier allows remote authenticated users to obtain sensitive device information by reading "extraneous information" in HTML source code, aka Bug ID CSCuj39249.

4CVSS5.8AI score0.00501EPSS