Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unity connection vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2014-2145
Directory traversal vulnerability in the messaging API in Cisco Unity Connection allows remote authenticated users to read arbitrary files via vectors related to unenforced access constraints for .wav files and the audio/x-wav MIME type, aka Bug ID CSCun91071.
Cisco Unity Connection -
6.8
CVSSv2
CVE-2014-0664
The server in Cisco Unity Connection allows remote authenticated users to cause a denial of service (CPU consumption) via unspecified IMAP commands, aka Bug ID CSCul49976.
Cisco Unity Connection -
4
CVSSv2
CVE-2013-5534
Directory traversal vulnerability in the attachment service in the Voice Message Web Service (aka VMWS or Cisco Unity Web Service) in Cisco Unity Connection allows remote authenticated users to create files, and consequently execute arbitrary JSP code, via a crafted pathname for ...
Cisco Unity Connection -
6.5
CVSSv2
CVE-2014-3336
SQL injection vulnerability in the web framework in Cisco Unity Connection 9.1(2) and previous versions allows remote authenticated users to execute arbitrary SQL commands via a crafted request, aka Bug ID CSCuq31016.
Cisco Unity Connection 9.1\\(1\\)
Cisco Unity Connection 9.1\\(2\\)
6.5
CVSSv2
CVE-2015-0715
SQL injection vulnerability in the administrative web interface in Cisco Unified Communications Manager 11.0(0.98000.225) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug IDs CSCut33447 and CSCut33608.
Cisco Unity Connection 11.0\\(0.98000.225\\)
NA
CVE-2024-20272
A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote malicious user to upload arbitrary files to an affected system and execute commands on the underlying operating system. This vulnerability is due to a lack of au...
Cisco Unity Connection
5
CVSSv2
CVE-2018-0203
A vulnerability in the SMTP relay of Cisco Unity Connection could allow an unauthenticated, remote malicious user to send unsolicited email messages, aka a Mail Relay Vulnerability. The vulnerability is due to improper handling of domain information in the affected software. An u...
Cisco Unity Connection -
4.3
CVSSv2
CVE-2018-0354
A vulnerability in the web framework of Cisco Unity Connection could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against the user of the web interface of an affected system. The vulnerability is due to insufficient input validati...
Cisco Unity Connection 12.5
4
CVSSv2
CVE-2018-15396
A vulnerability in the Bulk Administration Tool (BAT) for Cisco Unity Connection could allow an authenticated, remote malicious user to cause high disk utilization, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software does not r...
Cisco Unity Connection 12.5
4.3
CVSSv2
CVE-2019-1685
A vulnerability in the Security Assertion Markup Language (SAML) single sign-on (SSO) interface of Cisco Unity Connection could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. Th...
Cisco Unity Connection 12.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29758
CVE-2023-42931
unauthorized
CVE-2024-1540
unprivileged
CVE-2023-24955
CVE-2024-20259
logic flaw
CVE-2024-20333
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »