Cisco

Unified Communications Domain Manager

33 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2015-0588

  • EPSS 0.17%
  • Veröffentlicht 15.01.2015 22:59:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site request forgery (CSRF) vulnerability in Cisco Unified Communications Domain Manager (UCDM) 10 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuo77055.

5

CVE-2014-8020

  • EPSS 0.73%
  • Veröffentlicht 10.01.2015 02:59:29
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cisco Unified Communication Domain Manager Platform Software allows remote attackers to cause a denial of service (CPU consumption, and performance degradation or service outage) via a flood of malformed TCP packets and UDP packets, aka Bug ID CSCup2...

4.3

CVE-2014-8018

  • EPSS 0.3%
  • Veröffentlicht 22.12.2014 19:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple cross-site scripting (XSS) vulnerabilities in Business Voice Services Manager (BVSM) pages in the Application Software in Cisco Unified Communications Domain Manager 8 allow remote attackers to inject arbitrary web script or HTML via a craft...

6.5

CVE-2014-8010

  • EPSS 0.36%
  • Veröffentlicht 10.12.2014 21:59:16
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The web framework in Cisco Unified Communications Domain Manager 8 allows remote authenticated administrators to execute arbitrary OS commands via crafted values, aka Bug ID CSCuq50205.

6.5

CVE-2014-3339

  • EPSS 0.38%
  • Veröffentlicht 12.08.2014 23:55:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple SQL injection vulnerabilities in the administrative web interface in Cisco Unified Communications Manager (CM) and Cisco Unified Presence Server (CUPS) allow remote authenticated users to execute arbitrary SQL commands via crafted input to u...

6.8

CVE-2014-3337

  • EPSS 2.47%
  • Veröffentlicht 12.08.2014 22:55:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The SIP implementation in Cisco Unified Communications Manager (CM) 8.6(.2) and earlier allows remote authenticated users to cause a denial of service (process crash) via a crafted SIP message that is not properly handled during processing of an XML ...

5.8

CVE-2014-3320

  • EPSS 0.53%
  • Veröffentlicht 18.07.2014 00:55:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple open redirect vulnerabilities in the admin web interface in the web framework in Cisco Unified Communications Domain Manager (CDM) 8.1(.4) and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attac...

7.5

CVE-2014-3300

  • EPSS 45.58%
  • Veröffentlicht 07.07.2014 11:01:30
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The BVSMWeb portal in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software before 10 does not properly implement access control, which allows remote attackers to modify user information via a craf...

10

CVE-2014-2198

  • EPSS 2.34%
  • Veröffentlicht 07.07.2014 11:01:29
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cisco Unified Communications Domain Manager (CDM) in Unified CDM Platform Software before 4.4.2 has a hardcoded SSH private key, which makes it easier for remote attackers to obtain access to the support and root accounts by extracting this key from ...

9

CVE-2014-2197

  • EPSS 0.78%
  • Veröffentlicht 07.07.2014 11:01:29
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The Administration GUI in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software before 8.1.4 does not properly implement access control, which allows remote authenticated users to modify administra...