Cisco

Emergency Responder

22 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2017-6779

  • EPSS 1.28%
  • Published 07.06.2018 12:29:00
  • Last modified 31.07.2025 15:03:24

Multiple Cisco products are affected by a vulnerability in local file management for certain system log files of Cisco collaboration products that could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial o...

10

CVE-2017-12337

  • EPSS 12.27%
  • Published 16.11.2017 07:29:01
  • Last modified 31.07.2025 15:03:24

A vulnerability in the upgrade mechanism of Cisco collaboration products based on the Cisco Voice Operating System software platform could allow an unauthenticated, remote attacker to gain unauthorized, elevated access to an affected device. The vuln...

5.5

CVE-2017-12227

  • EPSS 0.18%
  • Published 07.09.2017 21:29:00
  • Last modified 20.04.2025 01:37:25

A vulnerability in the SQL database interface for Cisco Emergency Responder could allow an authenticated, remote attacker to conduct a blind SQL injection attack. The vulnerability is due to a failure to validate user-supplied input used in SQL queri...

4.3

CVE-2014-2117

  • EPSS 0.38%
  • Published 04.04.2014 15:10:37
  • Last modified 12.04.2025 10:46:40

Multiple open redirect vulnerabilities in Cisco Emergency Responder (ER) 8.6 and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified parameters, aka Bug ID CSCun37909.

4.3

CVE-2014-2116

  • EPSS 0.38%
  • Published 04.04.2014 15:10:37
  • Last modified 12.04.2025 10:46:40

Cisco Emergency Responder (ER) 8.6 and earlier allows remote attackers to inject web pages and modify dynamic content via unspecified parameters, aka Bug ID CSCun37882.

6.8

CVE-2014-2115

  • EPSS 0.14%
  • Published 04.04.2014 15:10:37
  • Last modified 12.04.2025 10:46:40

Multiple cross-site request forgery (CSRF) vulnerabilities in CERUserServlet pages in Cisco Emergency Responder (ER) 8.6 and earlier allow remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCun24250.

4.3

CVE-2014-2114

  • EPSS 0.28%
  • Published 04.04.2014 15:10:20
  • Last modified 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in UserServlet in Cisco Emergency Responder (ER) 8.6 and earlier allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCun24384.

5

CVE-2012-1346

  • EPSS 0.47%
  • Published 06.08.2012 18:55:00
  • Last modified 11.04.2025 00:51:21

Cisco Emergency Responder 8.6 and 9.2 allows remote attackers to cause a denial of service (CPU consumption) by sending malformed UDP packets to the CERPT port, aka Bug ID CSCtx38369.

10

CVE-2008-1154

  • EPSS 5.57%
  • Published 04.04.2008 19:44:00
  • Last modified 09.04.2025 00:30:58

The Disaster Recovery Framework (DRF) master server in Cisco Unified Communications products, including Unified Communications Manager (CUCM) 5.x and 6.x, Unified Presence 1.x and 6.x, Emergency Responder 2.x, and Mobility Manager 2.x, does not requi...

5

CVE-2005-0356

Exploit
  • EPSS 80.86%
  • Published 31.05.2005 04:00:00
  • Last modified 03.04.2025 01:03:51

Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes ...