Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco unity connection - vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2014-7988
The Unified Messaging Service (UMS) in Cisco Unity Connection 10.5 and previous versions allows remote authenticated users to obtain sensitive information by reading log files, aka Bug ID CSCur06493.
Cisco Unity Connection
6.8
CVSSv2
CVE-2014-0664
The server in Cisco Unity Connection allows remote authenticated users to cause a denial of service (CPU consumption) via unspecified IMAP commands, aka Bug ID CSCul49976.
Cisco Unity Connection -
4
CVSSv2
CVE-2013-5534
Directory traversal vulnerability in the attachment service in the Voice Message Web Service (aka VMWS or Cisco Unity Web Service) in Cisco Unity Connection allows remote authenticated users to create files, and consequently execute arbitrary JSP code, via a crafted pathname for ...
Cisco Unity Connection -
6.5
CVSSv2
CVE-2014-3336
SQL injection vulnerability in the web framework in Cisco Unity Connection 9.1(2) and previous versions allows remote authenticated users to execute arbitrary SQL commands via a crafted request, aka Bug ID CSCuq31016.
Cisco Unity Connection 9.1\\(1\\)
Cisco Unity Connection 9.1\\(2\\)
6.5
CVSSv2
CVE-2015-0715
SQL injection vulnerability in the administrative web interface in Cisco Unified Communications Manager 11.0(0.98000.225) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug IDs CSCut33447 and CSCut33608.
Cisco Unity Connection 11.0\\(0.98000.225\\)
4.3
CVSSv2
CVE-2019-1915
A vulnerability in the web-based interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition (SME), Cisco Unified Communications Manager IM and Presence (Unified CM IM&P) Service, and Cisco Unity Connection could allo...
Cisco Unified Communications Manager 11.5\\(1.10000.6\\)
Cisco Unified Communications Manager 10.5\\(2.10000.5\\)
Cisco Unified Communications Manager 12.0\\(1.10000.10\\)
Cisco Unified Communications Manager 12.5\\(1.10000.22\\)
Cisco Unity Connection 12.5
Cisco Unity Connection 12.0
Cisco Unity Connection 11.5
Cisco Unity Connection 14.0
Cisco Unified Communications Manager Im And Presence Service 12.5\\(1\\)
NA
CVE-2024-20272
A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote malicious user to upload arbitrary files to an affected system and execute commands on the underlying operating system. This vulnerability is due to a lack of au...
Cisco Unity Connection
NA
CVE-2023-20266
A vulnerability in Cisco Emergency Responder, Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), and Cisco Unity Connection could allow an authenticated, remote malicious user to elevate privileges ...
Cisco Unity Connection 14su3
Cisco Unity Connection 12.5\\(1\\)su7
Cisco Unity Connection 12.5\\(1\\)su8
Cisco Unity Connection 14su2
Cisco Unified Communications Manager 12.5.1su8
Cisco Emergency Responder 14su3
Cisco Unity Connection 12.5\\(1\\)su6
Cisco Emergency Responder 12.5.1su8a
Cisco Emergency Responder 12.5.1su4
5
CVSSv2
CVE-2018-0203
A vulnerability in the SMTP relay of Cisco Unity Connection could allow an unauthenticated, remote malicious user to send unsolicited email messages, aka a Mail Relay Vulnerability. The vulnerability is due to improper handling of domain information in the affected software. An u...
Cisco Unity Connection -
4
CVSSv2
CVE-2018-15396
A vulnerability in the Bulk Administration Tool (BAT) for Cisco Unity Connection could allow an authenticated, remote malicious user to cause high disk utilization, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software does not r...
Cisco Unity Connection 12.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22460
CVE-2024-4646
CVE-2024-29212
IMAP
CVE-2023-36672
CVE-2024-34547
command injection
CVE-2024-4651
stored XSS
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »