Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco mediasense vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-0736
Cross-site request forgery (CSRF) vulnerability in Cisco MediaSense 10.5(1) and previous versions allows remote malicious users to hijack the authentication of arbitrary users, aka Bug ID CSCuu16728.
Cisco Mediasense 9.1\\(1\\)
Cisco Mediasense 10.0\\(1\\)
Cisco Mediasense 10.5\\(1\\)
NA
CVE-2013-5501
Cross-site scripting (XSS) vulnerability in the oraservice page in Cisco MediaSense allows remote malicious users to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCuj23328.
Cisco Mediasense -
NA
CVE-2013-5502
The web interface in Cisco MediaSense does not properly protect the client-server communication channel, which allows remote malicious users to obtain sensitive query string or cookie information via unspecified vectors, aka Bug ID CSCuj23344.
Cisco Mediasense -
NA
CVE-2014-0671
Open redirect vulnerability in Cisco MediaSense allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via an unspecified parameter, aka Bug ID CSCum16749.
Cisco Mediasense -
NA
CVE-2013-5500
Multiple cross-site scripting (XSS) vulnerabilities in the oraadmin service page in Cisco MediaSense allow remote malicious users to inject arbitrary web script or HTML via an unspecified parameter, aka Bug IDs CSCuj23320, CSCuj23324, CSCuj23333, and CSCuj23338.
Cisco Mediasense -
NA
CVE-2014-0670
Cross-site scripting (XSS) vulnerability in the Search and Play interface in Cisco MediaSense allows remote malicious users to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCum16686.
Cisco Mediasense -
NA
CVE-2014-0672
The Search and Play interface in Cisco MediaSense does not properly enforce authorization requirements, which allows remote authenticated users to download arbitrary recordings via a request to this interface.
Cisco Mediasense -
7.5
CVSSv3
CVE-2017-6779
Multiple Cisco products are affected by a vulnerability in local file management for certain system log files of Cisco collaboration products that could allow an unauthenticated, remote malicious user to cause high disk utilization, resulting in a denial of service (DoS) conditio...
Cisco Emergency Responder
Cisco Emergency Responder 11.0\\(1.10000.10\\)
Cisco Finesse
Cisco Finesse 9.5\\(1\\)
Cisco Hosted Collaboration Mediation Fulfillment
Cisco Hosted Collaboration Mediation Fulfillment 9.5\\(1\\)
Cisco Mediasense 9.5\\(1\\)
Cisco Mediasense
Cisco Prime Collaboration Assurance
Cisco Prime Collaboration Provisioning 12.5
Cisco Prime License Manager
Cisco Socialminer
Cisco Unified Communications Manager
Cisco Unified Communications Manager 12.0
Cisco Unified Communications Manager 10.5\\(2.10000.5\\)
Cisco Unified Communications Manager 11.0\\(1.10000.10\\)
Cisco Unified Communications Manager 11.5\\(1.10000.6\\)
Cisco Unified Contact Center Express 9.0\\(2\\)su1.3
Cisco Unified Contact Center Express
Cisco Unified Intelligence Center
Cisco Unified Intelligence Center 9.5\\(1\\)
Cisco Unity Connection 12.0
8.1
CVSSv3
CVE-2018-11776
Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true (either by user or a plugin like Convention Plugin) and then: results are used with no namespace and in same time, its upper package have no or...
Apache Struts
3 EDB exploits
44 Github repositories
3 Articles
NA
CVE-2015-6420
Serialized-object interfaces in certain Cisco Collaboration and Social Media; Endpoint Clients and Client Software; Network Application, Service, and Acceleration; Network and Content Security Devices; Network Management and Provisioning; Routing and Switching - Enterprise and Se...
Apache Commons Collections
Apache Commons Collections 4.0
5 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »