Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco unified communications manager vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2018-0474
A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an authenticated, remote malicious user to view digest credentials in clear text. The vulnerability is due to the incorrect inclusion of saved passwords in configuration page...
Cisco Unified Communications Manager 10.5\\(2.14076.1\\)
8.8
CVSSv3
CVE-2018-0363
A vulnerability in the web-based management interface of Cisco Unified Communications Manager IM & Presence Service (formerly CUPS) could allow an unauthenticated, remote malicious user to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an ...
Cisco Unified Communications Manager Im And Presence Service 11.5\\(1\\)
8.8
CVSSv3
CVE-2018-0364
A vulnerability in the web-based management interface of Cisco Unified Communications Domain Manager could allow an unauthenticated, remote malicious user to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. The vulnerability ...
Cisco Unified Communications Domain Manager
8.8
CVSSv3
CVE-2015-7849
Use-after-free vulnerability in ntpd in NTP 4.2.x prior to 4.2.8p4, and 4.3.x prior to 4.3.77 allows remote authenticated users to possibly execute arbitrary code or cause a denial of service (crash) via crafted packets.
Ntp Ntp
Ntp Ntp 4.2.8
Netapp Oncommand Balance -
Netapp Oncommand Performance Manager -
Netapp Oncommand Unified Manager -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
8.8
CVSSv3
CVE-2015-7854
Buffer overflow in the password management functionality in NTP 4.2.x prior to 4.2.8p4, and 4.3.x prior to 4.3.77 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted key file.
Ntp Ntp
Ntp Ntp 4.2.8
Netapp Oncommand Balance -
Netapp Oncommand Performance Manager -
Netapp Oncommand Unified Manager -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
8.8
CVSSv3
CVE-2017-6757
A vulnerability in Cisco Unified Communications Manager 10.5(2.10000.5), 11.0(1.10000.10), and 11.5(1.10000.6) could allow an authenticated, remote malicious user to conduct a blind SQL injection attack. The vulnerability is due to a failure to validate user-supplied input used i...
Cisco Unified Communications Manager 11.0\\(1.10000.10\\)
Cisco Unified Communications Manager 11.5\\(1.10000.6\\)
Cisco Unified Communications Manager 10.5\\(2.10000.5\\)
8.6
CVSSv3
CVE-2020-3226
A vulnerability in the Session Initiation Protocol (SIP) library of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote malicious user to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is...
Cisco Ios 15.0\\(2\\)sg11a
Cisco Ios 15.3\\(3\\)jaa1
Cisco Ios 15.3\\(3\\)jpi
Cisco Ios 15.3\\(3\\)jpj
Cisco Ios 15.3\\(3\\)m
Cisco Ios 15.3\\(3\\)m1
Cisco Ios 15.3\\(3\\)m2
Cisco Ios 15.3\\(3\\)m3
Cisco Ios 15.3\\(3\\)m4
Cisco Ios 15.3\\(3\\)m5
Cisco Ios 15.3\\(3\\)m6
Cisco Ios 15.3\\(3\\)m7
Cisco Ios 15.3\\(3\\)m8
Cisco Ios 15.3\\(3\\)m8a
Cisco Ios 15.3\\(3\\)m9
Cisco Ios 15.3\\(3\\)m10
Cisco Ios 15.3\\(3\\)xb12
Cisco Ios 15.4\\(1\\)cg
Cisco Ios 15.4\\(1\\)t
Cisco Ios 15.4\\(1\\)t1
Cisco Ios 15.4\\(1\\)t2
Cisco Ios 15.4\\(1\\)t3
8.6
CVSSv3
CVE-2019-1845
A vulnerability in the authentication service of the Cisco Unified Communications Manager IM and Presence (Unified CM IM&P) Service, Cisco TelePresence Video Communication Server (VCS), and Cisco Expressway Series could allow an unauthenticated, remote malicious user to c...
Cisco Telepresence Video Communication Server
Cisco Unified Communications Manager Im And Presence Service 11.5\\(1\\)
8.5
CVSSv3
CVE-2021-39144
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker has sufficient rights to execute commands of the host only by manipulating the processed input stream. No user is affected, who followed the...
Xstream Project Xstream
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Netapp Snapmanager -
Oracle Webcenter Portal 12.2.1.3.0
Oracle Utilities Framework 4.2.0.3.0
Oracle Utilities Framework 4.2.0.2.0
Oracle Utilities Framework 4.3.0.6.0
Oracle Utilities Framework 4.4.0.0.0
Oracle Communications Unified Inventory Management 7.3.4
Oracle Communications Unified Inventory Management 7.3.5
Oracle Communications Unified Inventory Management 7.4.0
Oracle Webcenter Portal 12.2.1.4.0
Oracle Utilities Framework 4.4.0.2.0
Oracle Communications Billing And Revenue Management Elastic Charging Engine 11.3
Oracle Communications Billing And Revenue Management Elastic Charging Engine 12.0
Oracle Business Activity Monitoring 12.2.1.4.0
Oracle Commerce Guided Search 11.3.2
1 Metasploit module
3 Github repositories
2 Articles
8.1
CVSSv3
CVE-2022-20816
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote malicious user to delete arbitrary files from an af...
Cisco Unified Communications Manager
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »