Cisco

Unity Connection

55 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2019-12707

  • EPSS 0.15%
  • Veröffentlicht 02.10.2019 19:15:14
  • Zuletzt bearbeitet 21.11.2024 04:23:24

A vulnerability in the web-based interface of multiple Cisco Unified Communications products could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface of the affected soft...

6.1

CVE-2019-1685

  • EPSS 0.14%
  • Veröffentlicht 21.02.2019 20:29:00
  • Zuletzt bearbeitet 21.11.2024 04:37:05

A vulnerability in the Security Assertion Markup Language (SAML) single sign-on (SSO) interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface o...

4.8

CVE-2018-15426

  • EPSS 0.18%
  • Veröffentlicht 05.10.2018 14:29:11
  • Zuletzt bearbeitet 21.11.2024 03:50:46

A vulnerability in the web-based interface of Cisco Unity Connection could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based interface of the affected software. The vulnerabi...

5.4

CVE-2018-15403

  • EPSS 0.16%
  • Veröffentlicht 05.10.2018 14:29:08
  • Zuletzt bearbeitet 21.11.2024 03:50:42

A vulnerability in the web interface of Cisco Emergency Responder, Cisco Unified Communications Manager, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could allow an authenticated, remote attacker to redirect ...

6.8

CVE-2018-15396

  • EPSS 0.61%
  • Veröffentlicht 05.10.2018 14:29:08
  • Zuletzt bearbeitet 21.11.2024 03:50:41

A vulnerability in the Bulk Administration Tool (BAT) for Cisco Unity Connection could allow an authenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition. The vulnerability exists because the affe...

6.1

CVE-2018-0354

  • EPSS 0.45%
  • Veröffentlicht 07.06.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 03:38:02

A vulnerability in the web framework of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of an affected system. The vulnerability is due to ins...

7.8

CVE-2017-6779

  • EPSS 0.57%
  • Veröffentlicht 07.06.2018 12:29:00
  • Zuletzt bearbeitet 31.07.2025 15:03:24

Multiple Cisco products are affected by a vulnerability in local file management for certain system log files of Cisco collaboration products that could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial o...

5.3

CVE-2018-0203

  • EPSS 0.75%
  • Veröffentlicht 22.02.2018 00:29:00
  • Zuletzt bearbeitet 21.11.2024 03:37:43

A vulnerability in the SMTP relay of Cisco Unity Connection could allow an unauthenticated, remote attacker to send unsolicited email messages, aka a Mail Relay Vulnerability. The vulnerability is due to improper handling of domain information in the...

10

CVE-2017-12337

  • EPSS 13.19%
  • Veröffentlicht 16.11.2017 07:29:01
  • Zuletzt bearbeitet 13.05.2026 00:24:29

A vulnerability in the upgrade mechanism of Cisco collaboration products based on the Cisco Voice Operating System software platform could allow an unauthenticated, remote attacker to gain unauthorized, elevated access to an affected device. The vuln...

7.8

CVE-2015-6360

  • EPSS 18.49%
  • Veröffentlicht 21.04.2016 10:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The encryption-processing feature in Cisco libSRTP before 1.5.3 allows remote attackers to cause a denial of service via crafted fields in SRTP packets, aka Bug ID CSCux00686.