Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco interactive voice response vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-0403
Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote malicious user to retrieve a cleartext password. Cisco Bug IDs: CSCvg71040.
Cisco Unified Ip Interactive Voice Response 11.5\\(1\\)
Cisco Unified Contact Center Express 11.5\\(1\\)
8.8
CVSSv3
CVE-2018-0402
Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote malicious user to conduct a cross-site request forgery (CSRF) attack. Cisco Bug IDs: CSCvg70921.
Cisco Unified Ip Interactive Voice Response 11.5\\(1\\)
Cisco Unified Contact Center Express 11.5\\(1\\)
8.6
CVSSv3
CVE-2018-0139
A vulnerability in the Interactive Voice Response (IVR) management connection interface for Cisco Unified Customer Voice Portal (CVP) could allow an unauthenticated, remote malicious user to cause the IVR connection to disconnect, creating a system-wide denial of service (DoS) co...
Cisco Unified Customer Voice Portal 11.5\\(1\\)
Cisco Unified Customer Voice Portal 11.6
7.2
CVSSv3
CVE-2019-1888
A vulnerability in the Administration Web Interface of Cisco Unified Contact Center Express (Unified CCX) could allow an authenticated, remote malicious user to upload arbitrary files and execute commands on the underlying operating system. To exploit this vulnerability, an attac...
Cisco Unified Contact Center Express 11.6\\(1\\)
Cisco Unified Contact Center Express 11.6\\(2\\)
Cisco Unified Contact Center Express 12.0\\(1\\)
Cisco Unified Ip Interactive Voice Response 11.6\\(1\\)
Cisco Unified Ip Interactive Voice Response 11.6\\(2\\)
1 Article
6.6
CVSSv3
CVE-2021-44832
Apache Log4j2 versions 2.0-beta7 up to and including 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the tar...
Apache Log4j 2.0
Apache Log4j
Oracle Weblogic Server 12.2.1.3.0
Oracle Primavera Unifier 18.8
Oracle Weblogic Server 12.2.1.4.0
Oracle Primavera Unifier 19.12
Oracle Weblogic Server 14.1.1.0.0
Oracle Primavera Unifier 20.12
Oracle Communications Interactive Session Recorder 6.3
Oracle Communications Interactive Session Recorder 6.4
Oracle Primavera Gateway
Oracle Retail Assortment Planning 16.0.3
Oracle Primavera Unifier 21.12
Oracle Primavera P6 Enterprise Project Portfolio Management 21.12.0.0
Oracle Primavera P6 Enterprise Project Portfolio Management
Oracle Primavera Gateway 21.12.0
Oracle Retail Fiscal Management 14.2
Oracle Siebel Ui Framework 21.12
Oracle Communications Diameter Signaling Router
Cisco Cloudcenter 4.10.0.16
Fedoraproject Fedora 34
Fedoraproject Fedora 35
34 Github repositories
4 Articles
6.1
CVSSv3
CVE-2018-0400
Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote malicious user to conduct cross-site scripting (XSS) attacks against a user of the interface. Cisco Bug IDs: CSCvg70904.
Cisco Unified Contact Center Express 11.5\\(1\\)
Cisco Unified Ip Interactive Voice Response 11.5\\(1\\)
6.1
CVSSv3
CVE-2018-0401
Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote malicious user to conduct cross-site scripting (XSS) attacks against a user of the interface. Cisco Bug IDs: CSCvg70967.
Cisco Unified Contact Center Express 11.5\\(1\\)
Cisco Unified Ip Interactive Voice Response 11.5\\(1\\)
5.9
CVSSv3
CVE-2021-45105
Apache Log4j2 versions 2.0-alpha1 up to and including 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted strin...
Apache Log4j
Netapp Cloud Manager -
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Sonicwall Network Security Manager
Sonicwall Email Security
Sonicwall Web Application Firewall
Sonicwall 6bk1602-0aa12-0tp0 Firmware
Sonicwall 6bk1602-0aa22-0tp0 Firmware
Sonicwall 6bk1602-0aa32-0tp0 Firmware
Sonicwall 6bk1602-0aa42-0tp0 Firmware
Sonicwall 6bk1602-0aa52-0tp0 Firmware
Oracle E-business Suite 12.2
Oracle Retail Back Office 14.1
Oracle Weblogic Server 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Sites 12.2.1.3.0
Oracle Managed File Transfer 12.2.1.3.0
Oracle Retail Order Broker 16.0
Oracle Retail Integration Bus 14.1.3
Oracle Retail Returns Management 14.1
Oracle Retail Central Office 14.1
74 Github repositories
5 Articles
NA
CVE-2015-0699
SQL injection vulnerability in the Interactive Voice Response (IVR) component in Cisco Unified Communications Manager (UCM) 10.5(1.98991.13) allows remote malicious users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCut21563.
Cisco Unified Communications Domain Manager 10.5\\(1.98991.13\\)
NA
CVE-2014-0727
SQL injection vulnerability in the CallManager Interactive Voice Response (CMIVR) interface in Cisco Unified Communications Manager (UCM) allows remote malicious users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCum05318.
Cisco Unified Communications Manager
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »