Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mediasense vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2015-0736
Cross-site request forgery (CSRF) vulnerability in Cisco MediaSense 10.5(1) and previous versions allows remote malicious users to hijack the authentication of arbitrary users, aka Bug ID CSCuu16728.
Cisco Mediasense 9.1\\(1\\)
Cisco Mediasense 10.0\\(1\\)
Cisco Mediasense 10.5\\(1\\)
4.3
CVSSv2
CVE-2014-0670
Cross-site scripting (XSS) vulnerability in the Search and Play interface in Cisco MediaSense allows remote malicious users to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCum16686.
Cisco Mediasense -
4.3
CVSSv2
CVE-2013-5501
Cross-site scripting (XSS) vulnerability in the oraservice page in Cisco MediaSense allows remote malicious users to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCuj23328.
Cisco Mediasense -
4.3
CVSSv2
CVE-2013-5500
Multiple cross-site scripting (XSS) vulnerabilities in the oraadmin service page in Cisco MediaSense allow remote malicious users to inject arbitrary web script or HTML via an unspecified parameter, aka Bug IDs CSCuj23320, CSCuj23324, CSCuj23333, and CSCuj23338.
Cisco Mediasense -
5
CVSSv2
CVE-2013-5502
The web interface in Cisco MediaSense does not properly protect the client-server communication channel, which allows remote malicious users to obtain sensitive query string or cookie information via unspecified vectors, aka Bug ID CSCuj23344.
Cisco Mediasense -
5.8
CVSSv2
CVE-2014-0671
Open redirect vulnerability in Cisco MediaSense allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via an unspecified parameter, aka Bug ID CSCum16749.
Cisco Mediasense -
4
CVSSv2
CVE-2014-0672
The Search and Play interface in Cisco MediaSense does not properly enforce authorization requirements, which allows remote authenticated users to download arbitrary recordings via a request to this interface.
Cisco Mediasense -
7.8
CVSSv2
CVE-2017-6779
Multiple Cisco products are affected by a vulnerability in local file management for certain system log files of Cisco collaboration products that could allow an unauthenticated, remote malicious user to cause high disk utilization, resulting in a denial of service (DoS) conditio...
Cisco Emergency Responder
Cisco Emergency Responder 11.0\\(1.10000.10\\)
Cisco Finesse
Cisco Finesse 9.5\\(1\\)
Cisco Hosted Collaboration Mediation Fulfillment
Cisco Hosted Collaboration Mediation Fulfillment 9.5\\(1\\)
Cisco Mediasense 9.5\\(1\\)
Cisco Mediasense
Cisco Prime Collaboration Assurance
Cisco Prime Collaboration Provisioning 12.5
Cisco Prime License Manager
Cisco Socialminer
Cisco Unified Communications Manager
Cisco Unified Communications Manager 12.0
Cisco Unified Communications Manager 10.5\\(2.10000.5\\)
Cisco Unified Communications Manager 11.0\\(1.10000.10\\)
Cisco Unified Communications Manager 11.5\\(1.10000.6\\)
Cisco Unified Contact Center Express 9.0\\(2\\)su1.3
Cisco Unified Contact Center Express
Cisco Unified Intelligence Center
Cisco Unified Intelligence Center 9.5\\(1\\)
Cisco Unity Connection 12.0
10
CVSSv2
CVE-2017-12337
A vulnerability in the upgrade mechanism of Cisco collaboration products based on the Cisco Voice Operating System software platform could allow an unauthenticated, remote malicious user to gain unauthorized, elevated access to an affected device. The vulnerability occurs when a ...
Cisco Prime License Manager -
Cisco Unity Connection -
Cisco Emergency Responder -
Cisco Unified Communications Manager Im And Presence Service -
Cisco Unified Communications Manager -
Cisco Finesse -
Cisco Mediasense -
Cisco Socialminer -
Cisco Unified Intelligence Center -
Cisco Hosted Collaboration Solution -
Cisco Unified Contact Center Express -
9.3
CVSSv2
CVE-2018-11776
Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true (either by user or a plugin like Convention Plugin) and then: results are used with no namespace and in same time, its upper package have no or...
Apache Struts
3 EDB exploits
44 Github repositories
3 Articles
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977
IMAP
local users
CVE-2024-32038
CVE-2023-49963
CVE-2023-22869
CVE-2024-31497
local
CVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »