Cisco

Unified Communications Manager

204 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2014-0747

  • EPSS 0.05%
  • Published 27.02.2014 01:55:03
  • Last modified 12.04.2025 10:46:40

The Certificate Authority Proxy Function (CAPF) CLI implementation in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows local users to inject commands via unspecified CAPF programs, aka Bug ID CSCum95493.

5

CVE-2014-0731

  • EPSS 0.22%
  • Published 22.02.2014 21:55:09
  • Last modified 11.04.2025 00:51:21

The administration interface in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to bypass authentication and read Java class files via a direct request, aka Bug ID CSCum46497.

5

CVE-2014-0733

  • EPSS 0.3%
  • Published 20.02.2014 15:27:09
  • Last modified 11.04.2025 00:51:21

The Enterprise License Manager (ELM) component in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier does not properly enforce authentication requirements, which allows remote attackers to read ELM files via a direct request to a U...

5

CVE-2014-0732

  • EPSS 0.21%
  • Published 20.02.2014 05:18:04
  • Last modified 11.04.2025 00:51:21

The Real Time Monitoring Tool (RTMT) web application in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier does not properly enforce authentication requirements, which allows remote attackers to read application files via a direct ...

7.5

CVE-2014-0734

  • EPSS 0.22%
  • Published 20.02.2014 05:18:04
  • Last modified 11.04.2025 00:51:21

SQL injection vulnerability in the Certificate Authority Proxy Function (CAPF) implementation in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to execute arbitrary SQL commands via a crafted URL, aka Bu...

4.3

CVE-2014-0735

  • EPSS 0.28%
  • Published 20.02.2014 05:18:04
  • Last modified 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the IP Manager Assistant (IPMA) interface in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug I...

6.8

CVE-2014-0736

  • EPSS 0.13%
  • Published 20.02.2014 05:18:04
  • Last modified 11.04.2025 00:51:21

Cross-site request forgery (CSRF) vulnerability in the Call Detail Records Analysis and Reporting (CAR) page in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to hijack the authentication of arbitrary us...

5

CVE-2014-0722

  • EPSS 0.74%
  • Published 13.02.2014 05:24:51
  • Last modified 11.04.2025 00:51:21

The log4jinit web application in Cisco Unified Communications Manager (UCM) does not properly validate authentication, which allows remote attackers to cause a denial of service (performance degradation) via unspecified use of this application, aka B...

4.3

CVE-2014-0723

  • EPSS 0.29%
  • Published 13.02.2014 05:24:51
  • Last modified 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the IP Manager Assistant (IPMA) interface in Cisco Unified Communications Manager (UCM) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCum05343.

4

CVE-2014-0724

  • EPSS 0.28%
  • Published 13.02.2014 05:24:51
  • Last modified 11.04.2025 00:51:21

The bulk administration interface in Cisco Unified Communications Manager (UCM) 10.0(1) and earlier allows remote attackers to bypass authentication and read arbitrary files by using an unspecified prompt, aka Bug ID CSCum05340.