Unified Communications Manager Security Vulnerabilities and Issues — Unified Communications Manager CVE List

Lucene search

CiscoUnified Communications Manager

9 matches found

CVE•added 2013/08/22 10:55 p.m.•49 views

CVE-2013-3453

Memory leak in Cisco Unified Communications Manager IM and Presence Service before 8.6(5)SU1 and 9.x before 9.1(2), and Cisco Unified Presence, allows remote attackers to cause a denial of service (memory and CPU consumption) by making many TCP connections to port (1) 5060 or (2) 5061, aka Bug ID C...

7.8CVSS6.8AI score0.00427EPSS

CVE•added 2013/08/25 3:27 a.m.•44 views

CVE-2013-3460

Memory leak in Cisco Unified Communications Manager (Unified CM) 8.5(x) before 8.5(1)su6, 8.6(x) before 8.6(2a)su3, and 9.x before 9.1(1) allows remote attackers to cause a denial of service (service disruption) via a high rate of UDP packets, aka Bug ID CSCub85597.

7.8CVSS6.7AI score0.00547EPSS

CVE•added 2013/08/25 3:27 a.m.•40 views

CVE-2013-3459

Cisco Unified Communications Manager (Unified CM) 7.1(x) before 7.1(5b)su6a does not properly handle errors, which allows remote attackers to cause a denial of service (service disruption) via malformed registration messages, aka Bug ID CSCuf93466.

7.8CVSS6.8AI score0.00427EPSS

CVE•added 2013/08/25 3:27 a.m.•40 views

CVE-2013-3461

Cisco Unified Communications Manager (Unified CM) 8.5(x) and 8.6(x) before 8.6(2a)su3 and 9.x before 9.1(1) does not properly restrict the rate of SIP packets, which allows remote attackers to cause a denial of service (memory and CPU consumption, and service disruption) via a flood of UDP packets ...

7.1CVSS6.8AI score0.00511EPSS

CVE•added 2013/08/29 12:7 p.m.•40 views

CVE-2013-3472

Cross-site request forgery (CSRF) vulnerability in the Enterprise License Manager (ELM) in Cisco Unified Communications Manager (CM) allows remote attackers to hijack the authentication of arbitrary users for requests that make ELM modifications, aka Bug ID CSCui58210.

6.8CVSS7.4AI score0.00107EPSS

CVE•added 2013/08/25 3:27 a.m.•37 views

CVE-2013-3462

Buffer overflow in Cisco Unified Communications Manager (Unified CM) 7.1(x) before 7.1(5b)su6, 8.5(x) before 8.5(1)su6, 8.6(x) before 8.6(2a)su3, and 9.x before 9.1(2) allows remote authenticated users to execute arbitrary code via unspecified vectors, aka Bug ID CSCud54358.

8.5CVSS7.8AI score0.08764EPSS

CVE•added 2013/08/05 1:22 p.m.•36 views

CVE-2013-3451

Multiple cross-site request forgery (CSRF) vulnerabilities in Cisco Unified Communications Manager (Unified CM) allow remote attackers to hijack the authentication of arbitrary users for requests that perform arbitrary Unified CM operations, aka Bug ID CSCui13033.

6.8CVSS7.5AI score0.00116EPSS

CVE•added 2013/08/05 1:22 p.m.•34 views

CVE-2013-3442

The web portal in Cisco Unified Communications Manager (Unified CM) allows remote authenticated users to obtain sensitive stack-trace information via unspecified vectors that trigger a stack exception, aka Bug ID CSCug34854.

4CVSS5.9AI score0.00162EPSS

CVE•added 2013/08/05 1:22 p.m.•31 views

CVE-2013-3450

Cross-site request forgery (CSRF) vulnerability in the User WebDialer page in Cisco Unified Communications Manager (Unified CM) allows remote attackers to hijack the authentication of arbitrary users for requests that dial calls, aka Bug ID CSCui13028.

6.8CVSS7.4AI score0.00122EPSS