5 matches found
CVE-2021-44228
CVE-2021-44228 (Log4Shell) affects Apache Log4j2 2.0-beta9 through 2.15.0 (excluding some security releases) and is specific to log4j-core. The vulnerability arises from JNDI features used in configuration, log messages, and parameters, which can be exploited when an attacker can control log mess...
CVE-2024-20253
CVE-2024-20253 affects Cisco Unified Communications Manager and related UC/Contact Center products. The root cause is improper processing of user-supplied data read into memory, enabling an unauthenticated, remote attacker to send a crafted message to a listening port and execute arbitrary comman...
CVE-2017-6779
CVE-2017-6779 affects multiple Cisco VOS-based products (Emergency Responder, Finesse, UCM family, Unity Connection, UIC, SME, UCCx, MediaSense, Prime products, and related). Root cause: system log file has no maximum size limit, enabling an unauthenticated, remote attacker to cause high disk uti...
CVE-2025-20278
CVE-2025-20278 affects Cisco Unified Communications products. The vulnerability is a command-injection flaw in the CLI due to insufficient validation of command arguments, allowing an authenticated local attacker to execute arbitrary OS commands as root on an affected device. Exploitation require...
CVE-2021-1575
The CVE-2021-1575 issue affects Cisco Virtualized Voice Browser (VVB) in its web-based management interface. The root cause is improper validation of user-supplied input in the interface, enabling unauthenticated, remote attackers to perform cross-site scripting by convincing a user to click a cr...