Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco unified contact center express - vulnerabilities and exploits
(subscribe to this query)
490
VMScore
CVE-2017-6722
A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) service of Cisco Unified Contact Center Express (UCCx) could allow an unauthenticated, remote malicious user to masquerade as a legitimate user, aka a Clear Text Authentication Vulnerability. More Informatio...
Cisco Unified Contact Center Express 11.5.1su1
Cisco Unified Contact Center Express 11.5\\(1\\)
Cisco Unified Contact Center Express 11.5.1es01
490
VMScore
CVE-2016-1307
The Openfire server in Cisco Finesse Desktop 10.5(1) and 11.0(1) and Unified Contact Center Express 10.6(1) has a hardcoded account, which makes it easier for remote malicious users to obtain access via an XMPP session, aka Bug ID CSCuw79085.
Cisco Finesse 10.5\\\\\\(1\\\\\\) Base
Cisco Finesse 11.0\\\\\\(1\\\\\\) Base
Cisco Unified Contact Center Express 10.6\\\\\\(1\\\\\\)
446
VMScore
CVE-2016-2180
The TS_OBJ_print_bio function in crypto/ts/ts_lib.c in the X.509 Public Key Infrastructure Time-Stamp Protocol (TSP) implementation in OpenSSL up to and including 1.0.2h allows remote malicious users to cause a denial of service (out-of-bounds read and application crash) via a cr...
Openssl Openssl 1.0.1m
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.1j
Openssl Openssl 1.0.1h
Openssl Openssl 1.0.2e
Openssl Openssl 1.0.1r
Openssl Openssl 1.0.2b
Openssl Openssl 1.0.1c
Openssl Openssl 1.0.1g
Openssl Openssl 1.0.2g
Openssl Openssl 1.0.1a
Openssl Openssl 1.0.2h
Openssl Openssl 1.0.1d
Openssl Openssl 1.0.1t
Openssl Openssl 1.0.2c
Openssl Openssl 1.0.1p
Openssl Openssl 1.0.1k
Openssl Openssl 1.0.1b
Openssl Openssl 1.0.1n
Openssl Openssl 1.0.1q
Openssl Openssl 1.0.1e
Openssl Openssl 1.0.1l
446
VMScore
CVE-2015-0291
The sigalgs implementation in t1_lib.c in OpenSSL 1.0.2 prior to 1.0.2a allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) by using an invalid signature_algorithms extension in the ClientHello message during a renegotiation.
Openssl Openssl 1.0.2
3 Github repositories
2 Articles
445
VMScore
CVE-2020-3177
A vulnerability in the Tool for Auto-Registered Phones Support (TAPS) of Cisco Unified Communications Manager (UCM) and Cisco Unified Communications Manager Session Management Edition (SME) could allow an unauthenticated, remote malicious user to conduct directory traversal attac...
Cisco Unified Communications Manager 10.5\\(2.10000.5\\)
Cisco Unified Communications Manager 11.5\\(1.10000.6\\)
Cisco Unified Communications Manager 12.0\\(1.10000.10\\)
Cisco Unified Communications Manager 12.5\\(1.10000.22\\)
Cisco Unified Contact Center Express 12.0\\(1\\)
445
VMScore
CVE-2019-12633
A vulnerability in Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote malicious user to bypass access controls and conduct a server-side request forgery (SSRF) attack on a targeted system. The vulnerability is due to improper validation of u...
Cisco Unified Contact Center Express
Cisco Unified Contact Center Express 12.0\\(1\\)
445
VMScore
CVE-2018-0403
Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote malicious user to retrieve a cleartext password. Cisco Bug IDs: CSCvg71040.
Cisco Unified Ip Interactive Voice Response 11.5\\(1\\)
Cisco Unified Contact Center Express 11.5\\(1\\)
445
VMScore
CVE-2017-3733
During a renegotiation handshake if the Encrypt-Then-Mac extension is negotiated where it was not in the original handshake (or vice-versa) then this can cause OpenSSL 1.1.0 prior to 1.1.0e to crash (dependent on ciphersuite). Both clients and servers are affected.
Openssl Openssl 1.1.0
Openssl Openssl 1.1.0c
Openssl Openssl 1.1.0d
Openssl Openssl 1.1.0a
Openssl Openssl 1.1.0b
Hp Operations Agent 11.15
Hp Operations Agent 11.14
1 Github repository
445
VMScore
CVE-2015-7848
An integer overflow can occur in NTP-dev.4.3.70 leading to an out-of-bounds memory copy operation when processing a specially crafted private mode packet. The crafted packet needs to have the correct message authentication code and a valid timestamp. When processed by the NTP dae...
Ntp Ntp-dev 4.3.70
445
VMScore
CVE-2016-1319
Cisco Unified Communications Manager (aka CallManager) 9.1(2.10000.28), 10.5(2.10000.5), 10.5(2.12901.1), and 11.0(1.10000.10); Unified Communications Manager IM & Presence Service 10.5(2); Unified Contact Center Express 11.0(1); and Unity Connection 10.5(2) store a cleartext...
Cisco Unified Communications Manager Im And Presence Service 10.5\\\\\\(2\\\\\\)
Cisco Unified Contact Center Express 11.0\\\\\\(1\\\\\\)
Cisco Unified Communications Manager 9.1\\\\\\(2.10000.28\\\\\\)
Cisco Unified Communications Manager 10.5\\\\\\(2.10000.5\\\\\\)
Cisco Unified Communications Manager 10.5\\\\\\(2.12901.1\\\\\\)
Cisco Unified Communications Manager 11.0\\\\\\(1.10000.10\\\\\\)
Cisco Unity Connection 10.5\\\\\\(2\\\\\\)
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »