Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unified communications manager vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-0355
A vulnerability in the web UI of Cisco Unified Communications Manager (Unified CM) could allow an unauthenticated, remote malicious user to conduct a cross-frame scripting (XFS) attack against the user of the web UI of an affected system. The vulnerability is due to insufficient ...
Cisco Unified Communications Manager 11.0\\(1.10000.10\\)
Cisco Unified Communications Manager 12.0\\(1.10000.10\\)
Cisco Unified Communications Manager 10.5\\(2.10000.5\\)
Cisco Unified Communications Manager 11.5\\(1.10000.6\\)
4.3
CVSSv2
CVE-2018-0328
A vulnerability in the web framework of Cisco Unified Communications Manager and Cisco Unified Presence could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. The vulnerabilit...
Cisco Unified Communications Manager 11.5\\(1.10000.6\\)
Cisco Unified Communications Manager 10.5\\(2.10000.5\\)
Cisco Unified Communications Manager 11.0\\(1.10000.10\\)
Cisco Unified Communications Manager 12.0\\(1.10000.10\\)
3.5
CVSSv2
CVE-2018-0340
A vulnerability in the web framework of the Cisco Unified Communications Manager (Unified CM) software could allow an authenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against the user of the web interface of the affected system. The vulnerabilit...
Cisco Unified Communications Manager 11.5\\(1.10000.6\\)
Cisco Unified Communications Manager 12.0\\(1.10000.10\\)
Cisco Unified Communications Manager 11.0\\(1.10000.10\\)
Cisco Unified Communications Manager 10.5\\(2.10000.5\\)
5
CVSSv2
CVE-2015-4196
Platform Software prior to 4.4.5 in Cisco Unified Communications Domain Manager (CDM) 8.x has a hardcoded password for a privileged account, which allows remote malicious users to obtain root access by leveraging knowledge of this password and entering it in an SSH session, aka B...
Cisco Unified Communications Domain Manager 4.4.3
Cisco Unified Communications Domain Manager 4.4.1
Cisco Unified Communications Domain Manager 4.4.2
Cisco Unified Communications Domain Manager 4.4.4
4
CVSSv2
CVE-2015-6433
SQL injection vulnerability in Cisco Unified Communications Manager 11.0(0.98000.225) allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCut66767.
Cisco Unified Communications Manager 11.0\\(0.98000.225\\)
6.5
CVSSv2
CVE-2016-1308
SQL injection vulnerability in Cisco Unified Communications Manager 10.5(2.13900.9) allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCux99227.
Cisco Unified Communications Manager 10.5\\\\\\(2.13900.9\\\\\\)
4
CVSSv2
CVE-2016-1317
Cisco Unified Communications Manager 11.5(0.98000.480) allows remote authenticated users to obtain sensitive database table-name and entity-name information via a direct request to an unspecified URL, aka Bug ID CSCuy11098.
Cisco Unified Communications Manager 11.5\\\\\\(0.98000.480\\\\\\)
5
CVSSv2
CVE-2015-6425
The WebApplications Identity Management subsystem in Cisco Unified Communications Manager 10.5(0.98000.88) allows remote malicious users to cause a denial of service (subsystem outage) via invalid session tokens, aka Bug ID CSCul83786.
Cisco Unified Communications Manager 10.5\\(0.98000.88\\)
4
CVSSv2
CVE-2017-12302
A vulnerability in the Cisco Unified Communications Manager SQL database interface could allow an authenticated, remote malicious user to impact the confidentiality of the system by executing arbitrary SQL queries, aka SQL Injection. The vulnerability is due to a lack of input va...
Cisco Unified Communications Domain Manager 11.0\\(1.10000.10\\)
Cisco Unified Communications Domain Manager 11.5\\(1.10000.6\\)
Cisco Unified Communications Domain Manager 12.0\\(1.10000.10\\)
Cisco Unified Communications Domain Manager 10.5\\(2.10000.5\\)
NA
CVE-2023-20259
A vulnerability in an API endpoint of multiple Cisco Unified Communications Products could allow an unauthenticated, remote malicious user to cause high CPU utilization, which could impact access to the web-based management interface and cause delays with call processing. This AP...
Cisco Unity Connection 14su3
Cisco Emergency Responder 14su3
Cisco Unified Communications Manager 14su3
Cisco Unified Communications Manager Im \\& Presence Service 14su3
Cisco Unified Communications Manager Im \\& Presence Service 12.5\\(1\\)su7
Cisco Unified Communications Manager 12.5\\(1\\)su7
Cisco Prime Collaboration Deployment 14su3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »