Cisco

Unified Communications Manager

204 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2014-0747

  • EPSS 0.05%
  • Veröffentlicht 27.02.2014 01:55:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Certificate Authority Proxy Function (CAPF) CLI implementation in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows local users to inject commands via unspecified CAPF programs, aka Bug ID CSCum95493.

5

CVE-2014-0731

  • EPSS 0.22%
  • Veröffentlicht 22.02.2014 21:55:09
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The administration interface in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to bypass authentication and read Java class files via a direct request, aka Bug ID CSCum46497.

5

CVE-2014-0733

  • EPSS 0.3%
  • Veröffentlicht 20.02.2014 15:27:09
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The Enterprise License Manager (ELM) component in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier does not properly enforce authentication requirements, which allows remote attackers to read ELM files via a direct request to a U...

5

CVE-2014-0732

  • EPSS 0.21%
  • Veröffentlicht 20.02.2014 05:18:04
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The Real Time Monitoring Tool (RTMT) web application in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier does not properly enforce authentication requirements, which allows remote attackers to read application files via a direct ...

7.5

CVE-2014-0734

  • EPSS 0.22%
  • Veröffentlicht 20.02.2014 05:18:04
  • Zuletzt bearbeitet 11.04.2025 00:51:21

SQL injection vulnerability in the Certificate Authority Proxy Function (CAPF) implementation in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to execute arbitrary SQL commands via a crafted URL, aka Bu...

4.3

CVE-2014-0735

  • EPSS 0.28%
  • Veröffentlicht 20.02.2014 05:18:04
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the IP Manager Assistant (IPMA) interface in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug I...

6.8

CVE-2014-0736

  • EPSS 0.13%
  • Veröffentlicht 20.02.2014 05:18:04
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site request forgery (CSRF) vulnerability in the Call Detail Records Analysis and Reporting (CAR) page in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to hijack the authentication of arbitrary us...

5

CVE-2014-0722

  • EPSS 0.74%
  • Veröffentlicht 13.02.2014 05:24:51
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The log4jinit web application in Cisco Unified Communications Manager (UCM) does not properly validate authentication, which allows remote attackers to cause a denial of service (performance degradation) via unspecified use of this application, aka B...

4.3

CVE-2014-0723

  • EPSS 0.29%
  • Veröffentlicht 13.02.2014 05:24:51
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the IP Manager Assistant (IPMA) interface in Cisco Unified Communications Manager (UCM) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCum05343.

4

CVE-2014-0724

  • EPSS 0.28%
  • Veröffentlicht 13.02.2014 05:24:51
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The bulk administration interface in Cisco Unified Communications Manager (UCM) 10.0(1) and earlier allows remote attackers to bypass authentication and read arbitrary files by using an unspecified prompt, aka Bug ID CSCum05340.