Cisco

Unified Customer Voice Portal

15 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
10

CVE-2021-44228

Warning Exploit
  • EPSS 94.36%
  • Published 10.12.2021 10:15:09
  • Last modified 08.08.2025 18:52:00

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An atta...

5.4

CVE-2021-1599

  • EPSS 0.32%
  • Published 22.07.2021 16:15:08
  • Last modified 21.11.2024 05:44:42

A vulnerability in the web-based management interface of Cisco Unified Customer Voice Portal (CVP) could allow an authenticated, remote attacker to perform a cross-site scripting (XSS) attack against a user. This vulnerability is due to insufficient ...

6.8

CVE-2019-16017

  • EPSS 0.1%
  • Published 23.09.2020 01:15:13
  • Last modified 21.11.2024 04:29:55

A vulnerability in the Operations, Administration, Maintenance and Provisioning (OAMP) OpsConsole Server for Cisco Unified Customer Voice Portal (CVP) could allow an authenticated, remote attacker to execute Insecure Direct Object Reference actions o...

7.5

CVE-2020-3402

  • EPSS 0.51%
  • Published 02.07.2020 05:15:11
  • Last modified 21.11.2024 05:30:57

A vulnerability in the Java Remote Method Invocation (RMI) interface of Cisco Unified Customer Voice Portal (CVP) could allow an unauthenticated, remote attacker to access sensitive information on an affected device. The vulnerability exists because ...

8.6

CVE-2018-0139

  • EPSS 1.41%
  • Published 22.02.2018 00:29:00
  • Last modified 21.11.2024 03:37:35

A vulnerability in the Interactive Voice Response (IVR) management connection interface for Cisco Unified Customer Voice Portal (CVP) could allow an unauthenticated, remote attacker to cause the IVR connection to disconnect, creating a system-wide de...

8.6

CVE-2018-0086

  • EPSS 1.65%
  • Published 18.01.2018 06:29:00
  • Last modified 21.11.2024 03:37:29

A vulnerability in the application server of the Cisco Unified Customer Voice Portal (CVP) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to malformed SIP ...

8.8

CVE-2017-12214

  • EPSS 0.92%
  • Published 21.09.2017 05:29:00
  • Last modified 20.04.2025 01:37:25

A vulnerability in the Operations, Administration, Maintenance, and Provisioning (OAMP) credential reset functionality for Cisco Unified Customer Voice Portal (CVP) could allow an authenticated, remote attacker to gain elevated privileges. The vulner...

4.3

CVE-2014-3325

  • EPSS 0.4%
  • Published 19.07.2014 19:55:06
  • Last modified 12.04.2025 10:46:40

Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Customer Voice Portal (CVP) allow remote attackers to inject arbitrary web script or HTML via a crafted parameter, aka Bug IDs CSCuh61711, CSCuh61720, CSCuh61723, CSCuh61726, CSCuh6...

7.8

CVE-2013-1220

  • EPSS 0.43%
  • Published 09.05.2013 12:31:19
  • Last modified 11.04.2025 00:51:21

The CallServer component in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 allows remote attackers to cause a denial of service (call-acceptance outage) via malformed SIP INVITE messages, aka Bug ID CSCua65148.

10

CVE-2013-1221

  • EPSS 6.26%
  • Published 09.05.2013 12:31:19
  • Last modified 11.04.2025 00:51:21

The Tomcat Web Management feature in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 does not properly configure Tomcat components, which allows remote attackers to execute arbitrary code via a crafted (1) HTTP or (2) HTTPS requ...