Unity Connection@11.0(0.98000.225) Security Vulnerabilities and Issues — Unity Connection@11.0(0.98000.225) CVE List

Lucene search

CiscoUnity Connection11.0(0.98000.225)

4 matches found

CVE•added 2016/04/21 10:59 a.m.•106 views

CVE-2015-6360

The encryption-processing feature in Cisco libSRTP before 1.5.3 allows remote attackers to cause a denial of service via crafted fields in SRTP packets, aka Bug ID CSCux00686.

7.8CVSS7.1AI score0.12366EPSS

CVE•added 2015/05/07 1:59 a.m.•46 views

CVE-2015-0715

SQL injection vulnerability in the administrative web interface in Cisco Unified Communications Manager 11.0(0.98000.225) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug IDs CSCut33447 and CSCut33608.

6.5CVSS8.2AI score0.00287EPSS

CVE•added 2016/04/12 11:59 p.m.•43 views

CVE-2016-1377

Cross-site scripting (XSS) vulnerability in Cisco Unity Connection through 11.0 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCus21776.

6.1CVSS6AI score0.00383EPSS

CVE•added 2015/05/07 1:59 a.m.•38 views

CVE-2015-0716

Cross-site request forgery (CSRF) vulnerability in the CUCReports page in Cisco Unity Connection 11.0(0.98000.225) and 11.0(0.98000.332) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCut33659.

6.8CVSS7.4AI score0.00116EPSS