Cisco

Unified Presence Server

15 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2014-3339

  • EPSS 0.38%
  • Published 12.08.2014 23:55:03
  • Last modified 12.04.2025 10:46:40

Multiple SQL injection vulnerabilities in the administrative web interface in Cisco Unified Communications Manager (CM) and Cisco Unified Presence Server (CUPS) allow remote authenticated users to execute arbitrary SQL commands via crafted input to u...

5

CVE-2014-3328

  • EPSS 1.04%
  • Published 26.07.2014 11:11:57
  • Last modified 12.04.2025 10:46:40

The Intercluster Sync Agent Service in Cisco Unified Presence Server allows remote attackers to cause a denial of service via a TCP SYN flood, aka Bug ID CSCun34125.

6.5

CVE-2013-6983

  • EPSS 1.06%
  • Published 31.12.2013 15:16:44
  • Last modified 11.04.2025 00:51:21

SQL injection vulnerability in the web interface in Cisco Unified Presence Server allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCuh35615.

5

CVE-2013-1242

  • EPSS 0.44%
  • Published 10.05.2013 11:42:30
  • Last modified 11.04.2025 00:51:21

Memory leak in the web framework in the server in Cisco Unified Presence (CUP) allows remote attackers to cause a denial of service (memory consumption) via malformed TCP packets, aka Bug ID CSCug38080.

7.8

CVE-2013-1137

  • EPSS 0.23%
  • Published 27.02.2013 21:55:04
  • Last modified 11.04.2025 00:51:21

Cisco Unified Presence Server (CUPS) 8.6, 9.0, and 9.1 before 9.1.1 allows remote attackers to cause a denial of service (CPU consumption) via crafted packets to the SIP TCP port, aka Bug ID CSCua89930.

10

CVE-2011-1643

  • EPSS 1.2%
  • Published 29.08.2011 15:55:01
  • Last modified 11.04.2025 00:51:21

Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x, 7.x before 7.1(5b)su4, 8.0, and 8.5 before 8.5(1)su2 and Cisco Unified Presence Server 6.x, 7.x, 8.0, and 8.5 before 8.5xnr allow remote attackers to read database data by con...

7.8

CVE-2010-2839

  • EPSS 0.43%
  • Published 26.08.2010 21:00:01
  • Last modified 11.04.2025 00:51:21

SIPD in Cisco Unified Presence 6.x before 6.0(7) and 7.x before 7.0(8) allows remote attackers to cause a denial of service (stack memory corruption and process failure) via a malformed SIP message, aka Bug ID CSCtd14474.

7.8

CVE-2010-2840

  • EPSS 0.43%
  • Published 26.08.2010 21:00:01
  • Last modified 11.04.2025 00:51:21

The Presence Engine (PE) service in Cisco Unified Presence 6.x before 6.0(7) and 7.x before 7.0(8) does not properly handle an erroneous Contact field in the header of a SIP SUBSCRIBE message, which allows remote attackers to cause a denial of servic...

7.8

CVE-2009-2874

  • EPSS 2.76%
  • Published 16.10.2009 16:30:00
  • Last modified 09.04.2025 00:30:58

The TimesTenD process in Cisco Unified Presence 1.x, 6.x before 6.0(6), and 7.x before 7.0(4) allows remote attackers to cause a denial of service (process crash) via a large number of TCP connections to ports 16200 and 22794, aka Bug ID CSCsy17662.

7.8

CVE-2008-1158

  • EPSS 1.92%
  • Published 16.05.2008 12:54:00
  • Last modified 09.04.2025 00:30:58

The Presence Engine (PE) service in Cisco Unified Presence before 6.0(1) allows remote attackers to cause a denial of service (core dump and service interruption) via malformed packets, aka Bug ID CSCsh50164.