Cisco

Unified Communications Manager

204 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2018-0198

  • EPSS 0.72%
  • Published 27.03.2018 09:29:00
  • Last modified 21.11.2024 03:37:42

A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to view sensitive data. The vulnerability is due to insufficient protection of database tables. An attacker could exploit thi...

6.1

CVE-2018-0206

  • EPSS 0.45%
  • Published 22.02.2018 00:29:00
  • Last modified 21.11.2024 03:37:43

A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interfac...

4.3

CVE-2018-0120

  • EPSS 0.21%
  • Published 08.02.2018 07:29:00
  • Last modified 21.11.2024 03:37:33

A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenticated, remote attacker to conduct an SQL injection attack against an affected system. The vulnerability exists because the affected software fails to ...

4.3

CVE-2018-0135

  • EPSS 0.21%
  • Published 08.02.2018 07:29:00
  • Last modified 21.11.2024 03:37:35

A vulnerability in Cisco Unified Communications Manager could allow an authenticated, remote attacker to access sensitive information on an affected system. The vulnerability exists because the affected software improperly validates user-supplied sea...

5.3

CVE-2018-0105

  • EPSS 0.72%
  • Published 18.01.2018 06:29:01
  • Last modified 21.11.2024 03:37:31

A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to view sensitive data. The vulnerability is due to insufficient protection of database tables. An attacker could exploit thi...

6.1

CVE-2018-0118

  • EPSS 0.44%
  • Published 11.01.2018 09:29:00
  • Last modified 21.11.2024 03:37:33

A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to perform a cross-site scripting (XSS) attack against a user of the web-based management interface of an af...

10

CVE-2017-12337

  • EPSS 12.27%
  • Published 16.11.2017 07:29:01
  • Last modified 31.07.2025 15:03:24

A vulnerability in the upgrade mechanism of Cisco collaboration products based on the Cisco Voice Operating System software platform could allow an unauthenticated, remote attacker to gain unauthorized, elevated access to an affected device. The vuln...

6.1

CVE-2017-12258

  • EPSS 2.57%
  • Published 05.10.2017 07:29:00
  • Last modified 20.04.2025 01:37:25

A vulnerability in the web-based UI of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to execute a cross-frame scripting (XFS) attack. The vulnerability exists because the affected software does not provide suffi...

7.8

CVE-2017-3808

  • EPSS 0.54%
  • Published 20.04.2017 22:59:00
  • Last modified 20.04.2025 01:37:25

A vulnerability in the Session Initiation Protocol (SIP) UDP throttling process of Cisco Unified Communications Manager (Cisco Unified CM) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected dev...

7.5

CVE-2016-6364

  • EPSS 0.73%
  • Published 23.08.2016 02:11:03
  • Last modified 12.04.2025 10:46:40

The User Data Services (UDS) API implementation in Cisco Unified Communications Manager 11.5 allows remote attackers to bypass intended access restrictions and obtain sensitive information via unspecified API calls, aka Bug ID CSCux67855.