Cisco

Unified Presence Server

15 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2014-3339

  • EPSS 0.38%
  • Veröffentlicht 12.08.2014 23:55:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple SQL injection vulnerabilities in the administrative web interface in Cisco Unified Communications Manager (CM) and Cisco Unified Presence Server (CUPS) allow remote authenticated users to execute arbitrary SQL commands via crafted input to u...

5

CVE-2014-3328

  • EPSS 1.04%
  • Veröffentlicht 26.07.2014 11:11:57
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Intercluster Sync Agent Service in Cisco Unified Presence Server allows remote attackers to cause a denial of service via a TCP SYN flood, aka Bug ID CSCun34125.

6.5

CVE-2013-6983

  • EPSS 1.06%
  • Veröffentlicht 31.12.2013 15:16:44
  • Zuletzt bearbeitet 11.04.2025 00:51:21

SQL injection vulnerability in the web interface in Cisco Unified Presence Server allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCuh35615.

5

CVE-2013-1242

  • EPSS 0.44%
  • Veröffentlicht 10.05.2013 11:42:30
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Memory leak in the web framework in the server in Cisco Unified Presence (CUP) allows remote attackers to cause a denial of service (memory consumption) via malformed TCP packets, aka Bug ID CSCug38080.

7.8

CVE-2013-1137

  • EPSS 0.23%
  • Veröffentlicht 27.02.2013 21:55:04
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cisco Unified Presence Server (CUPS) 8.6, 9.0, and 9.1 before 9.1.1 allows remote attackers to cause a denial of service (CPU consumption) via crafted packets to the SIP TCP port, aka Bug ID CSCua89930.

10

CVE-2011-1643

  • EPSS 1.2%
  • Veröffentlicht 29.08.2011 15:55:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x, 7.x before 7.1(5b)su4, 8.0, and 8.5 before 8.5(1)su2 and Cisco Unified Presence Server 6.x, 7.x, 8.0, and 8.5 before 8.5xnr allow remote attackers to read database data by con...

7.8

CVE-2010-2839

  • EPSS 0.43%
  • Veröffentlicht 26.08.2010 21:00:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

SIPD in Cisco Unified Presence 6.x before 6.0(7) and 7.x before 7.0(8) allows remote attackers to cause a denial of service (stack memory corruption and process failure) via a malformed SIP message, aka Bug ID CSCtd14474.

7.8

CVE-2010-2840

  • EPSS 0.43%
  • Veröffentlicht 26.08.2010 21:00:01
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The Presence Engine (PE) service in Cisco Unified Presence 6.x before 6.0(7) and 7.x before 7.0(8) does not properly handle an erroneous Contact field in the header of a SIP SUBSCRIBE message, which allows remote attackers to cause a denial of servic...

7.8

CVE-2009-2874

  • EPSS 2.76%
  • Veröffentlicht 16.10.2009 16:30:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The TimesTenD process in Cisco Unified Presence 1.x, 6.x before 6.0(6), and 7.x before 7.0(4) allows remote attackers to cause a denial of service (process crash) via a large number of TCP connections to ports 16200 and 22794, aka Bug ID CSCsy17662.

7.8

CVE-2008-1158

  • EPSS 1.92%
  • Veröffentlicht 16.05.2008 12:54:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The Presence Engine (PE) service in Cisco Unified Presence before 6.0(1) allows remote attackers to cause a denial of service (core dump and service interruption) via malformed packets, aka Bug ID CSCsh50164.