Unity Connection@9.1(2) Security Vulnerabilities and Issues — Unity Connection@9.1(2) CVE List

Lucene search

CiscoUnity Connection9.1(2)

9 matches found

CVE•added 2016/04/21 10:59 a.m.•106 views

CVE-2015-6360

The encryption-processing feature in Cisco libSRTP before 1.5.3 allows remote attackers to cause a denial of service via crafted fields in SRTP packets, aka Bug ID CSCux00686.

7.8CVSS7.1AI score0.12366EPSS

CVE•added 2015/04/03 6:59 p.m.•55 views

CVE-2015-0613

The Connection Conversation Manager (aka CuCsMgr) process in Cisco Unity Connection 8.5 before 8.5(1)SU7, 8.6 before 8.6(2a)SU4, 9.x before 9.1(2)SU2, and 10.0 before 10.0(1)SU1, when SIP trunk integration is enabled, allows remote attackers to cause a denial of service (core dump and restart) via ...

7.1CVSS6.7AI score0.00399EPSS

CVE•added 2015/04/03 6:59 p.m.•51 views

CVE-2015-0612

The Connection Conversation Manager (aka CuCsMgr) process in Cisco Unity Connection 8.5 before 8.5(1)SU6, 8.6 before 8.6(2a)SU4, and 9.x before 9.1(2)SU2, when SIP trunk integration is enabled, allows remote attackers to cause a denial of service (SIP outage) via a crafted UDP packet, aka Bug ID CS...

7.1CVSS6.6AI score0.00399EPSS

CVE•added 2015/04/03 6:59 p.m.•50 views

CVE-2015-0614

7.1CVSS6.7AI score0.00399EPSS

CVE•added 2014/08/11 8:55 p.m.•46 views

CVE-2014-3333

The server in Cisco Unity Connection 9.1(1) and 9.1(2) allows remote authenticated users to obtain privileged access by conducting an "HTTP Intercept" attack and leveraging the ability to read files within the context of the web-server user account, aka Bug ID CSCup41014.

9CVSS6.2AI score0.01832EPSS

CVE•added 2015/04/03 6:59 p.m.•45 views

CVE-2015-0616

The Connection Conversation Manager (aka CuCsMgr) process in Cisco Unity Connection 8.5 before 8.5(1)SU7, 8.6 before 8.6(2a)SU4, and 9.x before 9.1(2)SU2, when SIP trunk integration is enabled, allows remote attackers to cause a denial of service (core dump and restart) by improperly terminating SI...

7.1CVSS6.7AI score0.00399EPSS

CVE•added 2015/04/03 6:59 p.m.•44 views

CVE-2015-0615

The call-handling implementation in Cisco Unity Connection 8.5 before 8.5(1)SU7, 8.6 before 8.6(2a)SU4, 9.x before 9.1(2)SU2, and 10.0 before 10.0(1)SU1, when SIP trunk integration is enabled, allows remote attackers to cause a denial of service (port consumption) by improperly terminating SIP sess...

7.1CVSS6.7AI score0.00399EPSS

CVE•added 2014/08/11 8:55 p.m.•40 views

CVE-2014-3336

SQL injection vulnerability in the web framework in Cisco Unity Connection 9.1(2) and earlier allows remote authenticated users to execute arbitrary SQL commands via a crafted request, aka Bug ID CSCuq31016.

6.5CVSS8.1AI score0.00732EPSS

CVE•added 2015/09/20 2:59 p.m.•40 views

CVE-2015-6299

SQL injection vulnerability in the web interface in Cisco Unity Connection 9.1(1.2) and earlier allows remote authenticated users to execute arbitrary SQL commands via a crafted POST request, aka Bug ID CSCuv63824.

6.5CVSS8.1AI score0.00287EPSS