Cisco

Unified Communications Manager

204 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2013-3451

  • EPSS 0.12%
  • Veröffentlicht 05.08.2013 13:22:47
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Multiple cross-site request forgery (CSRF) vulnerabilities in Cisco Unified Communications Manager (Unified CM) allow remote attackers to hijack the authentication of arbitrary users for requests that perform arbitrary Unified CM operations, aka Bug ...

6.5

CVE-2013-3402

  • EPSS 0.36%
  • Veröffentlicht 18.07.2013 12:48:56
  • Zuletzt bearbeitet 11.04.2025 00:51:21

An unspecified function in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(2) allows remote authenticated users to execute arbitrary commands via unknown vectors, aka Bug ID CSCuh73440.

6.8

CVE-2013-3403

  • EPSS 0.13%
  • Veröffentlicht 18.07.2013 12:48:56
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Multiple untrusted search path vulnerabilities in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allow local users to gain privileges by leveraging unspecified file-permission and environment-variable issues for privileged program...

7.5

CVE-2013-3404

  • EPSS 0.37%
  • Veröffentlicht 18.07.2013 12:48:56
  • Zuletzt bearbeitet 11.04.2025 00:51:21

SQL injection vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allows remote attackers to execute arbitrary SQL commands via unspecified vectors, leading to discovery of encrypted credentials by leveraging metadata,...

6.5

CVE-2013-3412

  • EPSS 0.31%
  • Veröffentlicht 18.07.2013 12:48:56
  • Zuletzt bearbeitet 11.04.2025 00:51:21

SQL injection vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(2) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuh81766.

6.8

CVE-2013-3433

  • EPSS 0.1%
  • Veröffentlicht 18.07.2013 12:48:56
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Untrusted search path vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allows local users to gain privileges by leveraging unspecified file-permission and environment-variable issues for privileged programs, aka Bug...

6.8

CVE-2013-3434

  • EPSS 0.1%
  • Veröffentlicht 18.07.2013 12:48:56
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Untrusted search path vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allows local users to gain privileges by leveraging unspecified file-permission and environment-variable issues for privileged programs, aka Bug...

0

CVE-2013-4869

  • EPSS 0.14%
  • Veröffentlicht 18.07.2013 12:48:56
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(2) and the IM & Presence Service in Cisco Unified Presence Server through 9.1(2) use the same CTI and database-encryption key across different customers' installations, which makes it eas...

6.8

CVE-2013-3397

  • EPSS 0.12%
  • Veröffentlicht 26.06.2013 21:55:04
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site request forgery (CSRF) vulnerability in the Unified Serviceability component in Cisco Unified Communications Manager (CUCM) allows remote attackers to hijack the authentication of arbitrary users for requests that perform Unified Serviceab...

5

CVE-2013-1188

  • EPSS 0.66%
  • Veröffentlicht 16.05.2013 03:36:22
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cisco Unified Communications Manager (CUCM) does not properly limit the rate of authentication attempts, which allows remote attackers to cause a denial of service (application slowdown) via a series of requests, aka Bug ID CSCud39515.