Cisco

Unified Communications Domain Manager

33 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2015-0588

  • EPSS 0.17%
  • Published 15.01.2015 22:59:05
  • Last modified 12.04.2025 10:46:40

Cross-site request forgery (CSRF) vulnerability in Cisco Unified Communications Domain Manager (UCDM) 10 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuo77055.

5

CVE-2014-8020

  • EPSS 0.73%
  • Published 10.01.2015 02:59:29
  • Last modified 12.04.2025 10:46:40

Cisco Unified Communication Domain Manager Platform Software allows remote attackers to cause a denial of service (CPU consumption, and performance degradation or service outage) via a flood of malformed TCP packets and UDP packets, aka Bug ID CSCup2...

4.3

CVE-2014-8018

  • EPSS 0.3%
  • Published 22.12.2014 19:59:02
  • Last modified 12.04.2025 10:46:40

Multiple cross-site scripting (XSS) vulnerabilities in Business Voice Services Manager (BVSM) pages in the Application Software in Cisco Unified Communications Domain Manager 8 allow remote attackers to inject arbitrary web script or HTML via a craft...

6.5

CVE-2014-8010

  • EPSS 0.36%
  • Published 10.12.2014 21:59:16
  • Last modified 12.04.2025 10:46:40

The web framework in Cisco Unified Communications Domain Manager 8 allows remote authenticated administrators to execute arbitrary OS commands via crafted values, aka Bug ID CSCuq50205.

6.5

CVE-2014-3339

  • EPSS 0.38%
  • Published 12.08.2014 23:55:03
  • Last modified 12.04.2025 10:46:40

Multiple SQL injection vulnerabilities in the administrative web interface in Cisco Unified Communications Manager (CM) and Cisco Unified Presence Server (CUPS) allow remote authenticated users to execute arbitrary SQL commands via crafted input to u...

6.8

CVE-2014-3337

  • EPSS 2.47%
  • Published 12.08.2014 22:55:02
  • Last modified 12.04.2025 10:46:40

The SIP implementation in Cisco Unified Communications Manager (CM) 8.6(.2) and earlier allows remote authenticated users to cause a denial of service (process crash) via a crafted SIP message that is not properly handled during processing of an XML ...

5.8

CVE-2014-3320

  • EPSS 0.53%
  • Published 18.07.2014 00:55:04
  • Last modified 12.04.2025 10:46:40

Multiple open redirect vulnerabilities in the admin web interface in the web framework in Cisco Unified Communications Domain Manager (CDM) 8.1(.4) and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attac...

7.5

CVE-2014-3300

  • EPSS 45.58%
  • Published 07.07.2014 11:01:30
  • Last modified 12.04.2025 10:46:40

The BVSMWeb portal in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software before 10 does not properly implement access control, which allows remote attackers to modify user information via a craf...

10

CVE-2014-2198

  • EPSS 2.34%
  • Published 07.07.2014 11:01:29
  • Last modified 12.04.2025 10:46:40

Cisco Unified Communications Domain Manager (CDM) in Unified CDM Platform Software before 4.4.2 has a hardcoded SSH private key, which makes it easier for remote attackers to obtain access to the support and root accounts by extracting this key from ...

9

CVE-2014-2197

  • EPSS 0.78%
  • Published 07.07.2014 11:01:29
  • Last modified 12.04.2025 10:46:40

The Administration GUI in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software before 8.1.4 does not properly implement access control, which allows remote authenticated users to modify administra...