Cisco

Unity Connection

55 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2016-1377

  • EPSS 0.25%
  • Veröffentlicht 12.04.2016 23:59:35
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Cross-site scripting (XSS) vulnerability in Cisco Unity Connection through 11.0 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCus21776.

7.1

CVE-2015-0616

  • EPSS 0.4%
  • Veröffentlicht 03.04.2015 18:59:04
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The Connection Conversation Manager (aka CuCsMgr) process in Cisco Unity Connection 8.5 before 8.5(1)SU7, 8.6 before 8.6(2a)SU4, and 9.x before 9.1(2)SU2, when SIP trunk integration is enabled, allows remote attackers to cause a denial of service (co...

7.1

CVE-2015-0615

  • EPSS 0.4%
  • Veröffentlicht 03.04.2015 18:59:03
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The call-handling implementation in Cisco Unity Connection 8.5 before 8.5(1)SU7, 8.6 before 8.6(2a)SU4, 9.x before 9.1(2)SU2, and 10.0 before 10.0(1)SU1, when SIP trunk integration is enabled, allows remote attackers to cause a denial of service (por...

7.1

CVE-2015-0614

  • EPSS 0.4%
  • Veröffentlicht 03.04.2015 18:59:02
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The Connection Conversation Manager (aka CuCsMgr) process in Cisco Unity Connection 8.5 before 8.5(1)SU7, 8.6 before 8.6(2a)SU4, 9.x before 9.1(2)SU2, and 10.0 before 10.0(1)SU1, when SIP trunk integration is enabled, allows remote attackers to cause...

7.1

CVE-2015-0613

  • EPSS 0.4%
  • Veröffentlicht 03.04.2015 18:59:01
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The Connection Conversation Manager (aka CuCsMgr) process in Cisco Unity Connection 8.5 before 8.5(1)SU7, 8.6 before 8.6(2a)SU4, 9.x before 9.1(2)SU2, and 10.0 before 10.0(1)SU1, when SIP trunk integration is enabled, allows remote attackers to cause...

4

CVE-2014-7988

  • EPSS 0.31%
  • Veröffentlicht 07.11.2014 11:55:03
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The Unified Messaging Service (UMS) in Cisco Unity Connection 10.5 and earlier allows remote authenticated users to obtain sensitive information by reading log files, aka Bug ID CSCur06493.

4

CVE-2014-2145

  • EPSS 0.15%
  • Veröffentlicht 05.04.2014 04:01:38
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Directory traversal vulnerability in the messaging API in Cisco Unity Connection allows remote authenticated users to read arbitrary files via vectors related to unenforced access constraints for .wav files and the audio/x-wav MIME type, aka Bug ID C...

4.3

CVE-2014-2125

  • EPSS 0.32%
  • Veröffentlicht 02.04.2014 03:58:17
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Cross-site scripting (XSS) vulnerability in the Web Inbox in Cisco Unity Connection 8.6(2a)SU3 and earlier allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCui33028.

6.8

CVE-2014-0664

  • EPSS 1.84%
  • Veröffentlicht 10.01.2014 16:47:06
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The server in Cisco Unity Connection allows remote authenticated users to cause a denial of service (CPU consumption) via unspecified IMAP commands, aka Bug ID CSCul49976.

4

CVE-2013-5534

  • EPSS 0.22%
  • Veröffentlicht 19.10.2013 10:36:08
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Directory traversal vulnerability in the attachment service in the Voice Message Web Service (aka VMWS or Cisco Unity Web Service) in Cisco Unity Connection allows remote authenticated users to create files, and consequently execute arbitrary JSP cod...