Unified Web And E-mail Interaction Manager Security Vulnerabilities and Issues — Unified Web And E-mail Interaction Manager CVE List

Lucene search

CiscoUnified Web And E-mail Interaction Manager

9 matches found

CVE•added 2014/05/20 11:13 a.m.•42 views

CVE-2014-2193

Cisco Unified Web and E-Mail Interaction Manager places session identifiers in GET requests, which allows remote attackers to inject conversation text by obtaining a valid identifier, aka Bug ID CSCuj43084.

4.3CVSS6.8AI score0.00224EPSS

CVE•added 2015/12/14 3:59 a.m.•40 views

CVE-2015-6416

Cross-site scripting (XSS) vulnerability in Cisco Unified Email Interaction Manager and Unified Web Interaction Manager 11.0(1) allows remote attackers to inject arbitrary web script or HTML a crafted URL, aka Bug ID CSCuw24479.

4.3CVSS5.8AI score0.00296EPSS

CVE•added 2015/05/29 3:59 p.m.•39 views

CVE-2015-0753

SQL injection vulnerability in Cisco Unified Email Interaction Manager (EIM) and Unified Web Interaction Manager (WIM) 9.0(2) allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuu30028.

6.8CVSS8.7AI score0.00269EPSS

CVE•added 2014/05/20 11:13 a.m.•36 views

CVE-2014-2194

system/egain/chat/entrypoint in Cisco Unified Web and E-mail Interaction Manager 9.0(2) allows remote attackers to have an unspecified impact by injecting a spoofed XML external entity.

6.8CVSS6.9AI score0.00403EPSS

CVE•added 2015/08/19 3:59 p.m.•36 views

CVE-2015-4298

Cisco Unified Web and E-Mail Interaction Manager 9.0(2) and 11.0(1) improperly performs authorization, which allows remote authenticated users to read or write to stored data via unspecified vectors, aka Bug ID CSCuo89056.

6.5CVSS6.2AI score0.00549EPSS

CVE•added 2015/08/19 3:59 p.m.•35 views

CVE-2015-6255

Cross-site scripting (XSS) vulnerability in Cisco Unified Web and E-Mail Interaction Manager 9.0(2) allows remote attackers to inject arbitrary web script or HTML via a crafted chat message, aka Bug ID CSCuo89051.

4.3CVSS5.8AI score0.00453EPSS

CVE•added 2015/08/19 3:59 p.m.•33 views

CVE-2015-4299

Cisco Unified Web and E-Mail Interaction Manager 9.0(2) improperly performs authorization, which allows remote authenticated users to remove default messaging-queue system folders via unspecified vectors, aka Bug ID CSCuo89046.

5.5CVSS6.5AI score0.00549EPSS

CVE•added 2014/05/20 11:13 a.m.•32 views

CVE-2014-2192

Cross-site scripting (XSS) vulnerability in Cisco Unified Web and E-mail Interaction Manager 9.0(2) allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCuj43033.

4.3CVSS5.9AI score0.00296EPSS

CVE•added 2015/02/28 2:59 a.m.•32 views

CVE-2015-0655

Cross-site scripting (XSS) vulnerability in Unified Web Interaction Manager in Cisco Unified Web and E-Mail Interaction Manager allows remote attackers to inject arbitrary web script or HTML via vectors related to a POST request, aka Bug ID CSCus74184.

4.3CVSS5.8AI score0.00296EPSS