Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unity connection vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2012-3096
Cisco Unity Connection (UC) 7.1, 8.0, and 8.5 allows remote authenticated users to cause a denial of service (resource consumption and administration outage) via extended use of the product, aka Bug ID CSCtd79132.
Cisco Unity Connection 7.1
Cisco Unity Connection 8.0
Cisco Unity Connection 8.5
4.3
CVSSv2
CVE-2014-2125
Cross-site scripting (XSS) vulnerability in the Web Inbox in Cisco Unity Connection 8.6(2a)SU3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCui33028.
Cisco Unity Connection 8.6
Cisco Unity Connection 8.6\\(1a\\)
Cisco Unity Connection 8.6\\(2a\\)
Cisco Unity Connection
6.8
CVSSv2
CVE-2015-0716
Cross-site request forgery (CSRF) vulnerability in the CUCReports page in Cisco Unity Connection 11.0(0.98000.225) and 11.0(0.98000.332) allows remote malicious users to hijack the authentication of arbitrary users, aka Bug ID CSCut33659.
Cisco Unity Connection 11.0\\(0.98000.332\\)
Cisco Unity Connection 11.0\\(0.98000.225\\)
6.5
CVSSv2
CVE-2015-6299
SQL injection vulnerability in the web interface in Cisco Unity Connection 9.1(1.2) and previous versions allows remote authenticated users to execute arbitrary SQL commands via a crafted POST request, aka Bug ID CSCuv63824.
Cisco Unity Connection 9.1\\(1\\)
Cisco Unity Connection 9.1\\(2\\)
4.3
CVSSv2
CVE-2016-1304
Cross-site scripting (XSS) vulnerability in Cisco Unity Connection 10.5(2.3009) allows remote malicious users to inject arbitrary web script or HTML via a crafted value, aka Bug ID CSCux82596.
Cisco Unity Connection 10.5\\(2.3009\\)
4.3
CVSSv2
CVE-2015-6390
Cross-site scripting (XSS) vulnerability in the management interface in Cisco Unity Connection 9.1(1.10) allows remote malicious users to inject arbitrary web script or HTML via a crafted value in a URL, aka Bug ID CSCup92741.
Cisco Unity Connection 9.1\\(1.10\\)
4.3
CVSSv2
CVE-2016-1310
Cross-site scripting (XSS) vulnerability in Cisco Unity Connection 11.5(0.199) allows remote malicious users to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuy09033.
Cisco Unity Connection 11.5\\\\\\(0.199\\\\\\)
6.8
CVSSv2
CVE-2015-6408
Cross-site request forgery (CSRF) vulnerability in Cisco Unity Connection 11.5(0.98) allows remote malicious users to hijack the authentication of arbitrary users, aka Bug ID CSCux24578.
Cisco Unity Connection 11.5\\(0.98\\)
9
CVSSv2
CVE-2014-3333
The server in Cisco Unity Connection 9.1(1) and 9.1(2) allows remote authenticated users to obtain privileged access by conducting an "HTTP Intercept" attack and leveraging the ability to read files within the context of the web-server user account, aka Bug ID CSCup4101...
Cisco Unity Connection 9.1\\(1\\)
Cisco Unity Connection 9.1\\(2\\)
4
CVSSv2
CVE-2014-7988
The Unified Messaging Service (UMS) in Cisco Unity Connection 10.5 and previous versions allows remote authenticated users to obtain sensitive information by reading log files, aka Bug ID CSCur06493.
Cisco Unity Connection
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »