Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unified communications manager vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2017-3886
A vulnerability in the Cisco Unified Communications Manager web interface could allow an authenticated, remote malicious user to impact the confidentiality of the system by executing arbitrary SQL queries, aka SQL Injection. The attacker must be authenticated as an administrative...
Cisco Unified Communications Manager 11.5\\(1.10000.6\\)
Cisco Unified Communications Manager 11.0\\(1.10000.10\\)
10
CVSSv2
CVE-2008-0027
Heap-based buffer overflow in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM) 4.2 prior to 4.2(3)SR3 and 4.3 prior to 4.3(1)SR1, and CallManager 4.0 and 4.1 prior to 4.1(3)SR5c, allows remote malicious users to ca...
Cisco Unified Callmanager 4.1
Cisco Unified Callmanager 4.0
Cisco Unified Communications Manager 4.2.3sr2b
Cisco Unified Communications Manager 4.3
Cisco Unified Callmanager 4.1\\(3\\)sr4
Cisco Unified Callmanager 4.1\\(3\\)sr5
Cisco Unified Callmanager 4.1\\(3\\)sr5b
Cisco Unified Communications Manager 4.2
Cisco Unified Communications Manager 4.2.3sr2
7.8
CVSSv2
CVE-2010-0590
The CMSIPUtility component in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 7.x prior to 7.1(3a)su1 and 8.x prior to 8.0(1) allows remote malicious users to cause a denial of service (process failure) via a malformed SIP Register message, aka Bug ID CSCtc3...
Cisco Unified Communications Manager 7.0\\(2\\)
Cisco Unified Communications Manager 7.1
Cisco Unified Communications Manager 8.0
Cisco Unified Communications Manager 7.0\\(1\\)
Cisco Unified Communications Manager 7.0
7.8
CVSSv2
CVE-2019-1837
A vulnerability in the User Data Services (UDS) API of Cisco Unified Communications Manager (Unified CM) could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition on the management GUI. The vulnerability is due to improper validation of in...
Cisco Unified Communications Manager 12.5\\(1.10000.22\\)
Cisco Unified Communications Manager 11.5\\(1.10000.6\\)
Cisco Unified Communications Manager 12.0\\(1.10000.10\\)
Cisco Unified Communications Manager 10.5\\(2.10000.5\\)
5
CVSSv2
CVE-2016-6364
The User Data Services (UDS) API implementation in Cisco Unified Communications Manager 11.5 allows remote malicious users to bypass intended access restrictions and obtain sensitive information via unspecified API calls, aka Bug ID CSCux67855.
Cisco Unified Communications Manager 11.5.0
2.1
CVSSv2
CVE-2018-0267
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenticated, local malicious user to view sensitive data that should be restricted. This could include LDAP credentials. The vulnerability is due to insufficient protection of database t...
Cisco Unified Communications Manager 10.5\\(2.10000.5\\)
Cisco Unified Communications Manager 11.0\\(1.10000.10\\)
Cisco Unified Communications Manager 11.5\\(1.10000.6\\)
Cisco Unified Communications Manager 12.0\\(1.10000.10\\)
4.3
CVSSv2
CVE-2018-0411
A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote malicious user to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device....
Cisco Unified Communications Manager 11.0\\(1.10000.10\\)
Cisco Unified Communications Manager 11.5\\(1.10000.6\\)
Cisco Unified Communications Manager 12.0\\(1.10000.10\\)
Cisco Unified Communications Manager 10.5\\(2.10000.5\\)
5
CVSSv2
CVE-2017-6791
A vulnerability in the Trust Verification Service (TVS) of Cisco Unified Communications Manager could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of Transport Lay...
Cisco Unified Communications Manager 10.5\\(2.10000.5\\)
Cisco Unified Communications Manager 11.0\\(1.10000.10\\)
Cisco Unified Communications Manager 9.1\\(2.10000.28\\)
Cisco Unified Communications Manager 10.0\\(1.10000.24\\)
3.5
CVSSv2
CVE-2017-12357
A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an authenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnera...
Cisco Unified Communications Manager 11.5\\(1.10000.6\\)
Cisco Unified Communications Manager 10.5\\(2.10000.5\\)
Cisco Unified Communications Manager 11.0\\(1.10000.10\\)
Cisco Unified Communications Manager 12.0\\(1.10000.10\\)
4
CVSSv2
CVE-2018-0266
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenticated, remote malicious user to view sensitive data. The vulnerability is due to insufficient protection of database tables over the web interface. An attacker could exploit this v...
Cisco Unified Communications Manager 11.5\\(1.10000.6\\)
Cisco Unified Communications Manager 10.5\\(2.10000.5\\)
Cisco Unified Communications Manager 11.0\\(1.10000.10\\)
Cisco Unified Communications Manager 12.0\\(1.10000.10\\)
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »