Unified Communications Manager@6.1 Security Vulnerabilities and Issues — Unified Communications Manager@6.1 CVE List

Lucene search

CiscoUnified Communications Manager6.1

15 matches found

CVE•added 2008/04/04 7:44 p.m.•53 views

CVE-2008-1154

The Disaster Recovery Framework (DRF) master server in Cisco Unified Communications products, including Unified Communications Manager (CUCM) 5.x and 6.x, Unified Presence 1.x and 6.x, Emergency Responder 2.x, and Mobility Manager 2.x, does not require authentication for requests received from the ...

10CVSS7.9AI score0.05566EPSS

CVE•added 2009/03/12 3:20 p.m.•53 views

CVE-2009-0632

The IP Phone Personal Address Book (PAB) Synchronizer feature in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.1, 4.2 before 4.2(3)SR4b, 4.3 before 4.3(2)SR1b, 5.x before 5.1(3e), 6.x before 6.1(3), and 7.0 before 7.0(2) sends privileged directory-service account credentia...

9CVSS6.6AI score0.01474EPSS

CVE•added 2008/09/26 4:21 p.m.•49 views

CVE-2008-3800

Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP mes...

7.1CVSS6.4AI score0.01935EPSS

CVE•added 2010/03/05 4:30 p.m.•46 views

CVE-2010-0591

Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5), 7.x before 7.1(3b)SU2, and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SIP REG message, related to an overflow of the Telephone-URL field, aka Bug ID...

7.8CVSS7AI score0.00602EPSS

CVE•added 2008/09/26 4:21 p.m.•44 views

CVE-2008-3801

7.1CVSS6.4AI score0.01935EPSS

CVE•added 2010/03/05 4:30 p.m.•43 views

CVE-2010-0588

Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5), 7.x before 7.1(3a)su1, and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SCCP (1) RegAvailableLines or (2) FwdStatReq message with an invalid Line numb...

7.8CVSS6.8AI score0.00602EPSS

CVE•added 2010/03/05 4:30 p.m.•43 views

CVE-2010-0592

The CTI Manager service in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x before 4.3(2)sr1a, 6.x before 6.1(3), 7.0x before 7.0(2), 7.1x before 7.1(2), and 8.x before 8.0(1) allows remote attackers to cause a denial of service (service failure) via a malformed message, ak...

7.8CVSS6.7AI score0.00602EPSS

CVE•added 2008/05/16 12:54 p.m.•40 views

CVE-2008-1742

Memory leak in the Certificate Trust List (CTL) Provider service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3) allows remote attackers to cause a denial of service (memory consumption and service interruption) via a series of malformed TCP packets, as demonstrated by TCPFUZZ, aka...

7.8CVSS6.5AI score0.00803EPSS

CVE•added 2008/05/16 12:54 p.m.•39 views

CVE-2008-1744

The Certificate Authority Proxy Function (CAPF) service in Cisco Unified Communications Manager (CUCM) 4.1 before 4.1(3)SR7, 4.2 before 4.2(3)SR4, and 4.3 before 4.3(2) allows remote attackers to cause a denial of service (service crash) via malformed network traffic, aka Bug ID CSCsk46770.

7.8CVSS6.5AI score0.01042EPSS

CVE•added 2009/01/22 6:30 p.m.•39 views

CVE-2009-0057

The Certificate Authority Proxy Function (CAPF) service in Cisco Unified Communications Manager 5.x before 5.1(3e) and 6.x before 6.1(3) allows remote attackers to cause a denial of service (voice service outage) by sending malformed input over a TCP session in which the "client terminates prematur...

4.3CVSS6.7AI score0.00529EPSS

CVE•added 2008/02/14 12:0 p.m.•38 views

CVE-2008-0026

SQL injection vulnerability in Cisco Unified CallManager/Communications Manager (CUCM) 5.0/5.1 before 5.1(3a) and 6.0/6.1 before 6.1(1a) allows remote authenticated users to execute arbitrary SQL commands via the key parameter to the (1) admin and (2) user interface pages.

6.5CVSS7.8AI score0.00355EPSS

CVE•added 2008/05/16 12:54 p.m.•38 views

CVE-2008-1745

Cisco Unified Communications Manager (CUCM) 5.x before 5.1(2) and 6.x before 6.1(1) allows remote attackers to cause a denial of service (service interruption) via a SIP JOIN message with a malformed header, aka Bug ID CSCsi48115.

7.8CVSS6.6AI score0.01918EPSS

CVE•added 2008/06/26 5:41 p.m.•36 views

CVE-2008-2730

The Real-Time Information Server (RIS) Data Collector service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3) and 6.x before 6.1(1) allows remote attackers to bypass authentication, and obtain cluster configuration information and statistics, via a direct TCP connection to the serv...

5CVSS6.3AI score0.00507EPSS

CVE•added 2010/03/05 4:30 p.m.•35 views

CVE-2010-0587

Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x before 4.3(2)SR2, 6.x before 6.1(5), 7.x before 7.1(3a)su1, and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SCCP StationCapabilitiesRes message with an invalid MaxC...

7.8CVSS6.8AI score0.00602EPSS

CVE•added 2008/05/16 12:54 p.m.•33 views

CVE-2008-1746

The SNMP Trap Agent service in Cisco Unified Communications Manager (CUCM) 4.1 before 4.1(3)SR6, 4.2 before 4.2(3)SR3, 4.3 before 4.3(2), 5.x before 5.1(3), and 6.x before 6.1(1) allows remote attackers to cause a denial of service (core dump and service restart) via a series of malformed UDP packe...

7.8CVSS6.5AI score0.01918EPSS