Cisco

Unified Communications Manager

204 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4

CVE-2014-3318

  • EPSS 0.5%
  • Veröffentlicht 10.07.2014 11:06:28
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Directory traversal vulnerability in dna/viewfilecontents.do in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager allows remote authenticated users to read arbitrary files via a crafted URL, aka Bug ID CSCup76318.

4.3

CVE-2014-3315

  • EPSS 0.36%
  • Veröffentlicht 10.07.2014 11:06:27
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in viewfilecontents.do in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug...

4

CVE-2014-3287

  • EPSS 0.24%
  • Veröffentlicht 10.06.2014 11:19:35
  • Zuletzt bearbeitet 12.04.2025 10:46:40

SQL injection vulnerability in BulkViewFileContentsAction.java in the Java interface in Cisco Unified Communications Manager (Unified CM) allows remote authenticated users to execute arbitrary SQL commands via crafted filename parameters in a URL, ak...

5.5

CVE-2014-3292

  • EPSS 0.96%
  • Veröffentlicht 10.06.2014 11:19:35
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Real Time Monitoring Tool (RTMT) implementation in Cisco Unified Communications Manager (Unified CM) allows remote authenticated users to (1) read or (2) delete arbitrary files via a crafted URL, aka Bug IDs CSCuo17302 and CSCuo17199.

5

CVE-2014-2184

  • EPSS 0.25%
  • Veröffentlicht 29.04.2014 10:37:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The IP Manager Assistant (IPMA) component in Cisco Unified Communications Manager (Unified CM) allows remote attackers to obtain sensitive information via a crafted URL, aka Bug ID CSCun74352.

4

CVE-2014-2185

  • EPSS 0.18%
  • Veröffentlicht 29.04.2014 10:37:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Call Detail Records (CDR) Management component in Cisco Unified Communications Manager (Unified CM) allows remote authenticated users to obtain sensitive information by reading extraneous fields in an HTML document, aka Bug ID CSCun74374.

6.8

CVE-2014-0740

  • EPSS 0.13%
  • Veröffentlicht 27.02.2014 01:55:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site request forgery (CSRF) vulnerability in the Call Detail Records Analysis and Reporting (CAR) interface in the OS Administration component in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to h...

6.2

CVE-2014-0741

  • EPSS 0.04%
  • Veröffentlicht 27.02.2014 01:55:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The certificate-import feature in the Certificate Authority Proxy Function (CAPF) CLI implementation in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows local users to read or modify arbitrary files via a crafted command, ...

6.2

CVE-2014-0742

  • EPSS 0.04%
  • Veröffentlicht 27.02.2014 01:55:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Certificate Authority Proxy Function (CAPF) CLI implementation in the CSR management feature in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows local users to read or modify arbitrary files via unspecified vectors, ak...

5

CVE-2014-0743

  • EPSS 0.46%
  • Veröffentlicht 27.02.2014 01:55:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Certificate Authority Proxy Function (CAPF) component in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to bypass authentication and modify registered-device information via crafted data, aka Bug ID ...