Cisco

Unified Customer Voice Portal

15 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
10

CVE-2021-44228

Warnung Exploit
  • EPSS 94.36%
  • Veröffentlicht 10.12.2021 10:15:09
  • Zuletzt bearbeitet 08.08.2025 18:52:00

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An atta...

5.4

CVE-2021-1599

  • EPSS 0.32%
  • Veröffentlicht 22.07.2021 16:15:08
  • Zuletzt bearbeitet 21.11.2024 05:44:42

A vulnerability in the web-based management interface of Cisco Unified Customer Voice Portal (CVP) could allow an authenticated, remote attacker to perform a cross-site scripting (XSS) attack against a user. This vulnerability is due to insufficient ...

6.8

CVE-2019-16017

  • EPSS 0.1%
  • Veröffentlicht 23.09.2020 01:15:13
  • Zuletzt bearbeitet 21.11.2024 04:29:55

A vulnerability in the Operations, Administration, Maintenance and Provisioning (OAMP) OpsConsole Server for Cisco Unified Customer Voice Portal (CVP) could allow an authenticated, remote attacker to execute Insecure Direct Object Reference actions o...

7.5

CVE-2020-3402

  • EPSS 0.51%
  • Veröffentlicht 02.07.2020 05:15:11
  • Zuletzt bearbeitet 21.11.2024 05:30:57

A vulnerability in the Java Remote Method Invocation (RMI) interface of Cisco Unified Customer Voice Portal (CVP) could allow an unauthenticated, remote attacker to access sensitive information on an affected device. The vulnerability exists because ...

8.6

CVE-2018-0139

  • EPSS 1.41%
  • Veröffentlicht 22.02.2018 00:29:00
  • Zuletzt bearbeitet 21.11.2024 03:37:35

A vulnerability in the Interactive Voice Response (IVR) management connection interface for Cisco Unified Customer Voice Portal (CVP) could allow an unauthenticated, remote attacker to cause the IVR connection to disconnect, creating a system-wide de...

8.6

CVE-2018-0086

  • EPSS 1.65%
  • Veröffentlicht 18.01.2018 06:29:00
  • Zuletzt bearbeitet 21.11.2024 03:37:29

A vulnerability in the application server of the Cisco Unified Customer Voice Portal (CVP) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to malformed SIP ...

8.8

CVE-2017-12214

  • EPSS 0.92%
  • Veröffentlicht 21.09.2017 05:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

A vulnerability in the Operations, Administration, Maintenance, and Provisioning (OAMP) credential reset functionality for Cisco Unified Customer Voice Portal (CVP) could allow an authenticated, remote attacker to gain elevated privileges. The vulner...

4.3

CVE-2014-3325

  • EPSS 0.4%
  • Veröffentlicht 19.07.2014 19:55:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Customer Voice Portal (CVP) allow remote attackers to inject arbitrary web script or HTML via a crafted parameter, aka Bug IDs CSCuh61711, CSCuh61720, CSCuh61723, CSCuh61726, CSCuh6...

7.8

CVE-2013-1220

  • EPSS 0.43%
  • Veröffentlicht 09.05.2013 12:31:19
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The CallServer component in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 allows remote attackers to cause a denial of service (call-acceptance outage) via malformed SIP INVITE messages, aka Bug ID CSCua65148.

10

CVE-2013-1221

  • EPSS 6.26%
  • Veröffentlicht 09.05.2013 12:31:19
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The Tomcat Web Management feature in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 does not properly configure Tomcat components, which allows remote attackers to execute arbitrary code via a crafted (1) HTTP or (2) HTTPS requ...