Cisco

Unified Communications Manager

204 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2015-4206

  • EPSS 0.91%
  • Veröffentlicht 15.12.2015 05:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cisco Unified Communications Manager (UCM) 8.0 through 8.6 allows remote attackers to bypass an XSS protection mechanism via a crafted parameter, aka Bug ID CSCuu15266.

6.8

CVE-2014-8008

  • EPSS 8.32%
  • Veröffentlicht 22.01.2015 14:01:14
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Absolute path traversal vulnerability in the Real-Time Monitoring Tool (RTMT) API in Cisco Unified Communications Manager (CUCM) allows remote authenticated users to read arbitrary files via a full pathname in an API command, aka Bug ID CSCur49414.

4.3

CVE-2014-7991

  • EPSS 0.29%
  • Veröffentlicht 14.11.2014 00:59:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Remote Mobile Access Subsystem in Cisco Unified Communications Manager (CM) 10.0(1) and earlier does not properly validate the Subject Alternative Name (SAN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof VCS cor...

6.5

CVE-2014-3366

  • EPSS 0.28%
  • Veröffentlicht 31.10.2014 10:55:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

SQL injection vulnerability in the administrative web interface in Cisco Unified Communications Manager allows remote authenticated users to execute arbitrary SQL commands via a crafted response, aka Bug ID CSCup88089.

4.3

CVE-2014-3372

  • EPSS 0.44%
  • Veröffentlicht 31.10.2014 10:55:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple cross-site scripting (XSS) vulnerabilities in the CCM reports interface in the Server in Cisco Unified Communications Manager allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuq90589.

4.3

CVE-2014-3373

  • EPSS 0.5%
  • Veröffentlicht 31.10.2014 10:55:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple cross-site scripting (XSS) vulnerabilities in the CCM Dialed Number Analyzer interface in the Server in Cisco Unified Communications Manager allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID...

4.3

CVE-2014-3374

  • EPSS 0.5%
  • Veröffentlicht 31.10.2014 10:55:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple cross-site scripting (XSS) vulnerabilities in the CCM admin interface in the Server in Cisco Unified Communications Manager allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuq90582.

4.3

CVE-2014-3375

  • EPSS 0.53%
  • Veröffentlicht 31.10.2014 10:55:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple cross-site scripting (XSS) vulnerabilities in the CCM Service interface in the Server in Cisco Unified Communications Manager allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuq90597.

4

CVE-2014-3332

  • EPSS 0.35%
  • Veröffentlicht 11.08.2014 20:55:07
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cisco Unified Communications Manager (CM) 8.6(.2) and earlier has an incorrect CLI restrictions setting, which allows remote authenticated users to establish undetected concurrent logins via unspecified vectors, aka Bug ID CSCup98029.

4

CVE-2014-3316

  • EPSS 0.51%
  • Veröffentlicht 10.07.2014 11:06:28
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Multiple Analyzer in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager allows remote authenticated users to bypass intended upload restrictions via a crafted parameter, aka Bug ID CSCup76297.