Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco unity connection vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2017-3733
During a renegotiation handshake if the Encrypt-Then-Mac extension is negotiated where it was not in the original handshake (or vice-versa) then this can cause OpenSSL 1.1.0 prior to 1.1.0e to crash (dependent on ciphersuite). Both clients and servers are affected.
Openssl Openssl 1.1.0
Openssl Openssl 1.1.0c
Openssl Openssl 1.1.0d
Openssl Openssl 1.1.0a
Openssl Openssl 1.1.0b
Hp Operations Agent 11.15
Hp Operations Agent 11.14
1 Github repository
7.5
CVSSv3
CVE-2015-7848
An integer overflow can occur in NTP-dev.4.3.70 leading to an out-of-bounds memory copy operation when processing a specially crafted private mode packet. The crafted packet needs to have the correct message authentication code and a valid timestamp. When processed by the NTP dae...
Ntp Ntp-dev 4.3.70
7.5
CVSSv3
CVE-2016-2180
The TS_OBJ_print_bio function in crypto/ts/ts_lib.c in the X.509 Public Key Infrastructure Time-Stamp Protocol (TSP) implementation in OpenSSL up to and including 1.0.2h allows remote malicious users to cause a denial of service (out-of-bounds read and application crash) via a cr...
Openssl Openssl 1.0.1m
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.1j
Openssl Openssl 1.0.1h
Openssl Openssl 1.0.2e
Openssl Openssl 1.0.1r
Openssl Openssl 1.0.2b
Openssl Openssl 1.0.1c
Openssl Openssl 1.0.1g
Openssl Openssl 1.0.2g
Openssl Openssl 1.0.1a
Openssl Openssl 1.0.2h
Openssl Openssl 1.0.1d
Openssl Openssl 1.0.1t
Openssl Openssl 1.0.2c
Openssl Openssl 1.0.1p
Openssl Openssl 1.0.1k
Openssl Openssl 1.0.1b
Openssl Openssl 1.0.1n
Openssl Openssl 1.0.1q
Openssl Openssl 1.0.1e
Openssl Openssl 1.0.1l
7.5
CVSSv3
CVE-2015-6360
The encryption-processing feature in Cisco libSRTP prior to 1.5.3 allows remote malicious users to cause a denial of service via crafted fields in SRTP packets, aka Bug ID CSCux00686.
Cisco Ios Xe 3.10s 3.10.2ts
Cisco Ios Xe 3.14s 3.14.0s
Cisco Ios Xe 3.10s 3.10.2s
Cisco Ios Xe 3.15s 3.15.2s
Cisco Ios Xe 3.15s 3.15.1s
Cisco Ios Xe 3.10s 3.10.1xbs
Cisco Ios Xe 3.10s 3.10.1s
Cisco Ios Xe 3.10s 3.10.0s
Cisco Ios Xe 3.10s 3.10.6s
Cisco Ios Xe 3.11s 3.11.3s
Cisco Ios Xe 3.11s 3.11.2s
Cisco Ios Xe 3.13s 3.13.4s
Cisco Ios Xe 3.11s 3.11.1s
Cisco Ios Xe 3.11s 3.11.4s
Cisco Ios Xe 3.10s 3.10.5s
Cisco Ios Xe 3.10s 3.10.7s
Cisco Ios Xe 3.13s 3.13.1s
Cisco Ios Xe 3.13s 3.13.0s
Cisco Ios Xe 3.10s 3.10.4s
Cisco Ios Xe 3.11s 3.11.0s
Cisco Webex Meeting Center Base
Cisco Unified Ip Phone 8900 Series Firmware 9.0\\(3\\)
7.5
CVSSv3
CVE-2015-3193
The Montgomery squaring implementation in crypto/bn/asm/x86_64-mont5.pl in OpenSSL 1.0.2 prior to 1.0.2e on the x86_64 platform, as used by the BN_mod_exp function, mishandles carry propagation and produces incorrect output, which makes it easier for remote malicious users to obt...
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.2b
Openssl Openssl 1.0.2c
Openssl Openssl 1.0.2
Openssl Openssl 1.0.2d
Nodejs Node.js
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 15.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
1 Github repository
7.2
CVSSv3
CVE-2023-20266
A vulnerability in Cisco Emergency Responder, Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), and Cisco Unity Connection could allow an authenticated, remote malicious user to elevate privileges ...
Cisco Unity Connection 14su3
Cisco Unity Connection 12.5\\(1\\)su7
Cisco Unity Connection 12.5\\(1\\)su8
Cisco Unity Connection 14su2
Cisco Unified Communications Manager 12.5.1su8
Cisco Emergency Responder 14su3
Cisco Unity Connection 12.5\\(1\\)su6
Cisco Emergency Responder 12.5.1su8a
Cisco Emergency Responder 12.5.1su4
6.8
CVSSv3
CVE-2018-15396
A vulnerability in the Bulk Administration Tool (BAT) for Cisco Unity Connection could allow an authenticated, remote malicious user to cause high disk utilization, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software does not r...
Cisco Unity Connection 12.5
6.6
CVSSv3
CVE-2021-44832
Apache Log4j2 versions 2.0-beta7 up to and including 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the tar...
Apache Log4j 2.0
Apache Log4j
Oracle Weblogic Server 12.2.1.3.0
Oracle Primavera Unifier 18.8
Oracle Weblogic Server 12.2.1.4.0
Oracle Primavera Unifier 19.12
Oracle Weblogic Server 14.1.1.0.0
Oracle Primavera Unifier 20.12
Oracle Communications Interactive Session Recorder 6.3
Oracle Communications Interactive Session Recorder 6.4
Oracle Primavera Gateway
Oracle Retail Assortment Planning 16.0.3
Oracle Primavera Unifier 21.12
Oracle Primavera P6 Enterprise Project Portfolio Management 21.12.0.0
Oracle Primavera P6 Enterprise Project Portfolio Management
Oracle Primavera Gateway 21.12.0
Oracle Retail Fiscal Management 14.2
Oracle Siebel Ui Framework 21.12
Oracle Communications Diameter Signaling Router
Cisco Cloudcenter 4.10.0.16
Fedoraproject Fedora 34
Fedoraproject Fedora 35
34 Github repositories
4 Articles
6.5
CVSSv3
CVE-2021-1226
A vulnerability in the audit logging component of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, Cisco Unity Connection, Cisco Emergency Responder, and Cisc...
Cisco Unity Connection 10.5\\(2\\)
Cisco Unified Communications Manager
Cisco Unified Communications Manager 10.5\\(2\\)
Cisco Unified Communications Manager Im \\& Presence Service
Cisco Unified Communications Manager Im \\& Presence Service 12.0\\(1\\)
Cisco Unified Communications Manager Im \\& Presence Service 10.5\\(2\\)
Cisco Prime License Manager
Cisco Prime License Manager 10.5\\(2\\)
Cisco Emergency Responder 11.5\\(1\\)
Cisco Emergency Responder 12.0\\(1\\)
Cisco Emergency Responder
Cisco Emergency Responder 10.5\\(2\\)
Cisco Unity Connection
6.5
CVSSv3
CVE-2020-3130
A vulnerability in the web management interface of Cisco Unity Connection could allow an authenticated remote malicious user to overwrite files on the underlying filesystem. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by...
Cisco Unity Connection
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »