Lucene search

K

8 matches found

CVE
CVE
added 2021/12/10 10:15 a.m.5945 views

CVE-2021-44228

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message ...

10CVSS10AI score0.94358EPSS
In wildWeb
CVE
CVE
added 2024/01/17 5:15 p.m.143 views

CVE-2024-20272

A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to upload arbitrary files to an affected system and execute commands on the underlying operating system. This vulnerability is due to a lack of authentication in a specifi...

9.8CVSS10AI score0.00356EPSS
CVE
CVE
added 2020/01/26 5:15 a.m.132 views

CVE-2020-3129

A vulnerability in the web-based management interface of Cisco Unity Connection Software could allow an authenticated, remote attacker to perform a stored cross-site scripting (XSS) attack. The vulnerability is due to insufficient input validation by the web-based management interface. An attacker ...

4.8CVSS4.8AI score0.0026EPSS
CVE
CVE
added 2024/01/26 6:15 p.m.120 views

CVE-2024-20253

A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to the improper processing of user-provided data that is being read into memory. ...

10CVSS9.6AI score0.03027EPSS
CVE
CVE
added 2021/04/08 4:15 a.m.93 views

CVE-2021-1380

Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), and Cisco Unity Connec...

6.1CVSS6.1AI score0.00346EPSS
CVE
CVE
added 2021/04/08 4:15 a.m.75 views

CVE-2021-1409

Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), and Cisco Unity Connec...

6.1CVSS6.1AI score0.00346EPSS
CVE
CVE
added 2024/01/26 6:15 p.m.58 views

CVE-2024-20305

A vulnerability in the web-based management interface of Cisco Unity Connection could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly valida...

4.8CVSS5AI score0.00078EPSS
CVE
CVE
added 2021/11/04 4:15 p.m.43 views

CVE-2021-34701

A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), and Cisco Unity Connection coul...

4.3CVSS4.4AI score0.0009EPSS