5 matches found
CVE-2008-4544
Cisco Unity (Server 4.2/5.0/7.0) contains a vulnerability that allows an unauthenticated, remote attacker to cause a denial-of-service by sending crafted UDP packets to dynamic ports due to improper handling of network messages. The issue affects Cisco Unity Server deployments (as cited in Cisco ...
CVE-2008-4543
Cisco Unity in 4.x (before 4.2(1)ES161), 5.x (before 5.0(1)ES53), and 7.x (before 7.0(2)ES8) is affected when using anonymous/native Unity authentication. A remote attacker can cause a denial of service by exhausting sessions via a large number of connections. Root cause is an authentication/conf...
CVE-2008-3814
Cisco Unity 4.x before 4.2(1)ES161, 5.x before 5.0(1)ES53, and 7.x before 7.0(2)ES8 are affected by an authentication bypass when configured for anonymous/native Unity authentication. An unauthenticated attacker can bypass login and read or modify certain configuration parameters by visiting a sp...
CVE-2008-4545
Cisco Unity 4.x before 4.2(1)ES161, 5.x before 5.0(1)ES53, and 7.x before 7.0(2)ES8 have weak permissions on the D:\CommServer\Reports directory, allowing remote authenticated users to read files and obtain sensitive information. Affected products are Cisco Unity Server 4.x/5.x/7.x with this dire...
CVE-2008-4542
CVE-2008-4542 describes a cross-site scripting (XSS) vulnerability in Cisco Unity where remote authenticated administrators can inject arbitrary web script or HTML by entering it into the storage/database. Affected products include Cisco Unity 4.x prior to 4.2(1)ES162, Cisco Unity 5.x prior to 5....