Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco unified web and e-mail interaction manager - vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2015-6416
Cross-site scripting (XSS) vulnerability in Cisco Unified Email Interaction Manager and Unified Web Interaction Manager 11.0(1) allows remote malicious users to inject arbitrary web script or HTML a crafted URL, aka Bug ID CSCuw24479.
Cisco Unified Web And E-mail Interaction Manager 11.0(1)
6.5
CVSSv2
CVE-2015-4298
Cisco Unified Web and E-Mail Interaction Manager 9.0(2) and 11.0(1) improperly performs authorization, which allows remote authenticated users to read or write to stored data via unspecified vectors, aka Bug ID CSCuo89056.
Cisco Unified Web And E-mail Interaction Manager 9.0(2)
Cisco Unified Web And E-mail Interaction Manager 11.0(1)
5.5
CVSSv2
CVE-2015-4299
Cisco Unified Web and E-Mail Interaction Manager 9.0(2) improperly performs authorization, which allows remote authenticated users to remove default messaging-queue system folders via unspecified vectors, aka Bug ID CSCuo89046.
Cisco Unified Web And E-mail Interaction Manager 9.0(2)
4.3
CVSSv2
CVE-2015-6255
Cross-site scripting (XSS) vulnerability in Cisco Unified Web and E-Mail Interaction Manager 9.0(2) allows remote malicious users to inject arbitrary web script or HTML via a crafted chat message, aka Bug ID CSCuo89051.
Cisco Unified Web And E-mail Interaction Manager 9.0(2)
6.8
CVSSv2
CVE-2015-0753
SQL injection vulnerability in Cisco Unified Email Interaction Manager (EIM) and Unified Web Interaction Manager (WIM) 9.0(2) allows remote malicious users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuu30028.
Cisco Unified Web And E-mail Interaction Manager 9.0(2)
4.3
CVSSv2
CVE-2015-0655
Cross-site scripting (XSS) vulnerability in Unified Web Interaction Manager in Cisco Unified Web and E-Mail Interaction Manager allows remote malicious users to inject arbitrary web script or HTML via vectors related to a POST request, aka Bug ID CSCus74184.
Cisco Unified Web And E-mail Interaction Manager -
4.3
CVSSv2
CVE-2014-2192
Cross-site scripting (XSS) vulnerability in Cisco Unified Web and E-mail Interaction Manager 9.0(2) allows remote malicious users to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCuj43033.
Cisco Unified Web And E-mail Interaction Manager 9.0(2)
4.3
CVSSv2
CVE-2014-2193
Cisco Unified Web and E-Mail Interaction Manager places session identifiers in GET requests, which allows remote malicious users to inject conversation text by obtaining a valid identifier, aka Bug ID CSCuj43084.
Cisco Unified Web And E-mail Interaction Manager -
6.8
CVSSv2
CVE-2014-2194
system/egain/chat/entrypoint in Cisco Unified Web and E-mail Interaction Manager 9.0(2) allows remote malicious users to have an unspecified impact by injecting a spoofed XML external entity.
Cisco Unified Web And E-mail Interaction Manager 9.0(2)
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started