Cisco

Unity Connection

47 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
10

CVE-2017-12337

  • EPSS 12.27%
  • Published 16.11.2017 07:29:01
  • Last modified 31.07.2025 15:03:24

A vulnerability in the upgrade mechanism of Cisco collaboration products based on the Cisco Voice Operating System software platform could allow an unauthenticated, remote attacker to gain unauthorized, elevated access to an affected device. The vuln...

7.8

CVE-2015-6360

  • EPSS 17.94%
  • Published 21.04.2016 10:59:00
  • Last modified 12.04.2025 10:46:40

The encryption-processing feature in Cisco libSRTP before 1.5.3 allows remote attackers to cause a denial of service via crafted fields in SRTP packets, aka Bug ID CSCux00686.

6.1

CVE-2016-1377

  • EPSS 0.25%
  • Published 12.04.2016 23:59:35
  • Last modified 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in Cisco Unity Connection through 11.0 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCus21776.

7.1

CVE-2015-0616

  • EPSS 0.4%
  • Published 03.04.2015 18:59:04
  • Last modified 12.04.2025 10:46:40

The Connection Conversation Manager (aka CuCsMgr) process in Cisco Unity Connection 8.5 before 8.5(1)SU7, 8.6 before 8.6(2a)SU4, and 9.x before 9.1(2)SU2, when SIP trunk integration is enabled, allows remote attackers to cause a denial of service (co...

7.1

CVE-2015-0615

  • EPSS 0.4%
  • Published 03.04.2015 18:59:03
  • Last modified 12.04.2025 10:46:40

The call-handling implementation in Cisco Unity Connection 8.5 before 8.5(1)SU7, 8.6 before 8.6(2a)SU4, 9.x before 9.1(2)SU2, and 10.0 before 10.0(1)SU1, when SIP trunk integration is enabled, allows remote attackers to cause a denial of service (por...

7.1

CVE-2015-0614

  • EPSS 0.4%
  • Published 03.04.2015 18:59:02
  • Last modified 12.04.2025 10:46:40

The Connection Conversation Manager (aka CuCsMgr) process in Cisco Unity Connection 8.5 before 8.5(1)SU7, 8.6 before 8.6(2a)SU4, 9.x before 9.1(2)SU2, and 10.0 before 10.0(1)SU1, when SIP trunk integration is enabled, allows remote attackers to cause...

7.1

CVE-2015-0613

  • EPSS 0.4%
  • Published 03.04.2015 18:59:01
  • Last modified 12.04.2025 10:46:40

The Connection Conversation Manager (aka CuCsMgr) process in Cisco Unity Connection 8.5 before 8.5(1)SU7, 8.6 before 8.6(2a)SU4, 9.x before 9.1(2)SU2, and 10.0 before 10.0(1)SU1, when SIP trunk integration is enabled, allows remote attackers to cause...

4

CVE-2014-7988

  • EPSS 0.31%
  • Published 07.11.2014 11:55:03
  • Last modified 12.04.2025 10:46:40

The Unified Messaging Service (UMS) in Cisco Unity Connection 10.5 and earlier allows remote authenticated users to obtain sensitive information by reading log files, aka Bug ID CSCur06493.

4

CVE-2014-2145

  • EPSS 0.32%
  • Published 05.04.2014 04:01:38
  • Last modified 12.04.2025 10:46:40

Directory traversal vulnerability in the messaging API in Cisco Unity Connection allows remote authenticated users to read arbitrary files via vectors related to unenforced access constraints for .wav files and the audio/x-wav MIME type, aka Bug ID C...

4.3

CVE-2014-2125

  • EPSS 0.32%
  • Published 02.04.2014 03:58:17
  • Last modified 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in the Web Inbox in Cisco Unity Connection 8.6(2a)SU3 and earlier allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCui33028.