Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco unified presence server vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2018-15427
A vulnerability in Cisco Video Surveillance Manager (VSM) Software running on certain Cisco Connected Safety and Security Unified Computing System (UCS) platforms could allow an unauthenticated, remote malicious user to log in to an affected system by using the root account, whic...
Cisco Video Surveillance Manager 7.11
Cisco Video Surveillance Manager 7.11.1
Cisco Video Surveillance Manager 7.10
10
CVSSv2
CVE-2017-12337
A vulnerability in the upgrade mechanism of Cisco collaboration products based on the Cisco Voice Operating System software platform could allow an unauthenticated, remote malicious user to gain unauthorized, elevated access to an affected device. The vulnerability occurs when a ...
Cisco Prime License Manager -
Cisco Unity Connection -
Cisco Emergency Responder -
Cisco Unified Communications Manager Im And Presence Service -
Cisco Unified Communications Manager -
Cisco Finesse -
Cisco Mediasense -
Cisco Socialminer -
Cisco Unified Intelligence Center -
Cisco Hosted Collaboration Solution -
Cisco Unified Contact Center Express -
10
CVSSv2
CVE-2017-5638
The Jakarta Multipart parser in Apache Struts 2 2.3.x prior to 2.3.32 and 2.5.x prior to 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote malicious users to execute arbitrary commands via a crafted Content-Typ...
Apache Struts 2.3.5
Apache Struts 2.3.28
Apache Struts 2.3.20.2
Apache Struts 2.3.15
Apache Struts 2.3.25
Apache Struts 2.3.14
Apache Struts 2.3.13
Apache Struts 2.3.16
Apache Struts 2.3.24.2
Apache Struts 2.3.17
Apache Struts 2.3.24.1
Apache Struts 2.3.22
Apache Struts 2.3.9
Apache Struts 2.3.16.3
Apache Struts 2.3.23
Apache Struts 2.3.6
Apache Struts 2.3.24.3
Apache Struts 2.3.15.2
Apache Struts 2.3.29
Apache Struts 2.3.14.3
Apache Struts 2.3.19
Apache Struts 2.3.20.1
2 EDB exploits
2 Nmap scripts
148 Github repositories
15 Articles
10
CVSSv2
CVE-2011-1643
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x, 7.x prior to 7.1(5b)su4, 8.0, and 8.5 prior to 8.5(1)su2 and Cisco Unified Presence Server 6.x, 7.x, 8.0, and 8.5 prior to 8.5xnr allow remote malicious users to read database data by connecting to a query...
Cisco Unified Communications Manager 6.1\\(3\\)
Cisco Unified Communications Manager 6.1\\(4\\)su1
Cisco Unified Communications Manager 6.1\\(4a\\)su2
Cisco Unified Communications Manager 6.1\\(1\\)
Cisco Unified Communications Manager 7.1\\(5a\\)
Cisco Unified Communications Manager 7.0\\(2\\)
Cisco Unified Communications Manager 7.0\\(1\\)su1
Cisco Unified Communications Manager 7.0\\(2a\\)su1
Cisco Unified Communications Manager 7.0\\(2a\\)su2
Cisco Unified Communications Manager 8.5\\(1\\)su1
Cisco Unified Communications Manager 8.5\\(1\\)
Cisco Unified Communications Manager 6.1\\(5\\)su1
Cisco Unified Communications Manager 6.1\\(5\\)su2
Cisco Unified Communications Manager 6.1\\(1b\\)
Cisco Unified Communications Manager 6.0
Cisco Unified Communications Manager 6.1\\(3b\\)su1
Cisco Unified Communications Manager 6.1\\(4a\\)
Cisco Unified Communications Manager 7.1\\(3\\)
Cisco Unified Communications Manager 7.1\\(5\\)
Cisco Unified Communications Manager 7.1\\(3b\\)su2
Cisco Unified Communications Manager 7.1\\(3b\\)su1
Cisco Unified Communications Manager 7.1\\(2b\\)
10
CVSSv2
CVE-2008-1154
The Disaster Recovery Framework (DRF) master server in Cisco Unified Communications products, including Unified Communications Manager (CUCM) 5.x and 6.x, Unified Presence 1.x and 6.x, Emergency Responder 2.x, and Mobility Manager 2.x, does not require authentication for requests...
Cisco Unified Presence 1.0
Cisco Unified Presence 6.0
Cisco Mobility Manager 2.0
Cisco Unified Communications Manager 5.0
Cisco Unified Communications Manager 5.1
Cisco Emergency Responder 2.0
Cisco Unified Communications Manager 6.0
Cisco Unified Communications Manager 6.1
9.3
CVSSv2
CVE-2021-44228
Apache Log4j2 2.0-beta9 up to and including 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can contr...
Apache Log4j 2.0
Apache Log4j
Siemens Sppa-t3000 Ses3000 Firmware
Siemens Logo\\! Soft Comfort
Siemens Spectrum Power 4 4.70
Siemens Spectrum Power 4
Siemens Siveillance Control Pro
Siemens Energyip Prepay 3.7
Siemens Energyip Prepay 3.8
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Siveillance Command
Siemens Sipass Integrated 2.85
Siemens Sipass Integrated 2.80
Siemens Head-end System Universal Device Integration System
Siemens Gma-manager
Siemens Energyip 8.5
Siemens Energyip 8.6
Siemens Energyip 8.7
Siemens Energyip 9.0
Siemens Energy Engage 3.1
Siemens E-car Operation Center
2 Metasploit modules
1182 Github repositories
28 Articles
9.3
CVSSv2
CVE-2018-11776
Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true (either by user or a plugin like Convention Plugin) and then: results are used with no namespace and in same time, its upper package have no or...
Apache Struts
3 EDB exploits
45 Github repositories
3 Articles
8.5
CVSSv2
CVE-2021-44832
Apache Log4j2 versions 2.0-beta7 up to and including 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the tar...
Apache Log4j 2.0
Apache Log4j
Oracle Weblogic Server 12.2.1.3.0
Oracle Primavera Unifier 18.8
Oracle Weblogic Server 12.2.1.4.0
Oracle Primavera Unifier 19.12
Oracle Weblogic Server 14.1.1.0.0
Oracle Primavera Unifier 20.12
Oracle Communications Interactive Session Recorder 6.3
Oracle Communications Interactive Session Recorder 6.4
Oracle Primavera Gateway
Oracle Retail Assortment Planning 16.0.3
Oracle Primavera Unifier 21.12
Oracle Primavera P6 Enterprise Project Portfolio Management 21.12.0.0
Oracle Primavera P6 Enterprise Project Portfolio Management
Oracle Primavera Gateway 21.12.0
Oracle Retail Fiscal Management 14.2
Oracle Siebel Ui Framework 21.12
Oracle Communications Diameter Signaling Router
Cisco Cloudcenter 4.10.0.16
Fedoraproject Fedora 34
Fedoraproject Fedora 35
34 Github repositories
4 Articles
7.8
CVSSv2
CVE-2017-6779
Multiple Cisco products are affected by a vulnerability in local file management for certain system log files of Cisco collaboration products that could allow an unauthenticated, remote malicious user to cause high disk utilization, resulting in a denial of service (DoS) conditio...
Cisco Emergency Responder
Cisco Emergency Responder 11.0\\(1.10000.10\\)
Cisco Finesse
Cisco Finesse 9.5\\(1\\)
Cisco Hosted Collaboration Mediation Fulfillment
Cisco Hosted Collaboration Mediation Fulfillment 9.5\\(1\\)
Cisco Mediasense 9.5\\(1\\)
Cisco Mediasense
Cisco Prime Collaboration Assurance
Cisco Prime Collaboration Provisioning 12.5
Cisco Prime License Manager
Cisco Socialminer
Cisco Unified Communications Manager
Cisco Unified Communications Manager 12.0
Cisco Unified Communications Manager 10.5\\(2.10000.5\\)
Cisco Unified Communications Manager 11.0\\(1.10000.10\\)
Cisco Unified Communications Manager 11.5\\(1.10000.6\\)
Cisco Unified Contact Center Express 9.0\\(2\\)su1.3
Cisco Unified Contact Center Express
Cisco Unified Intelligence Center
Cisco Unified Intelligence Center 9.5\\(1\\)
Cisco Unity Connection 12.0
7.8
CVSSv2
CVE-2013-1137
Cisco Unified Presence Server (CUPS) 8.6, 9.0, and 9.1 prior to 9.1.1 allows remote malicious users to cause a denial of service (CPU consumption) via crafted packets to the SIP TCP port, aka Bug ID CSCua89930.
Cisco Unified Presence Server 9.1
Cisco Unified Presence Server 8.6
Cisco Unified Presence Server 9.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »