Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco unity connection vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-2145
Directory traversal vulnerability in the messaging API in Cisco Unity Connection allows remote authenticated users to read arbitrary files via vectors related to unenforced access constraints for .wav files and the audio/x-wav MIME type, aka Bug ID CSCun91071.
Cisco Unity Connection -
NA
CVE-2013-5534
Directory traversal vulnerability in the attachment service in the Voice Message Web Service (aka VMWS or Cisco Unity Web Service) in Cisco Unity Connection allows remote authenticated users to create files, and consequently execute arbitrary JSP code, via a crafted pathname for ...
Cisco Unity Connection -
NA
CVE-2014-0664
The server in Cisco Unity Connection allows remote authenticated users to cause a denial of service (CPU consumption) via unspecified IMAP commands, aka Bug ID CSCul49976.
Cisco Unity Connection -
NA
CVE-2014-3336
SQL injection vulnerability in the web framework in Cisco Unity Connection 9.1(2) and previous versions allows remote authenticated users to execute arbitrary SQL commands via a crafted request, aka Bug ID CSCuq31016.
Cisco Unity Connection 9.1\\(1\\)
Cisco Unity Connection 9.1\\(2\\)
NA
CVE-2015-0715
SQL injection vulnerability in the administrative web interface in Cisco Unified Communications Manager 11.0(0.98000.225) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug IDs CSCut33447 and CSCut33608.
Cisco Unity Connection 11.0\\(0.98000.225\\)
6.5
CVSSv3
CVE-2019-1915
A vulnerability in the web-based interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition (SME), Cisco Unified Communications Manager IM and Presence (Unified CM IM&P) Service, and Cisco Unity Connection could allo...
Cisco Unified Communications Manager 11.5\\(1.10000.6\\)
Cisco Unified Communications Manager 10.5\\(2.10000.5\\)
Cisco Unified Communications Manager 12.0\\(1.10000.10\\)
Cisco Unified Communications Manager 12.5\\(1.10000.22\\)
Cisco Unity Connection 12.5
Cisco Unity Connection 12.0
Cisco Unity Connection 11.5
Cisco Unity Connection 14.0
Cisco Unified Communications Manager Im And Presence Service 12.5\\(1\\)
9.8
CVSSv3
CVE-2024-20272
A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote malicious user to upload arbitrary files to an affected system and execute commands on the underlying operating system. This vulnerability is due to a lack of au...
Cisco Unity Connection
7.2
CVSSv3
CVE-2023-20266
A vulnerability in Cisco Emergency Responder, Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), and Cisco Unity Connection could allow an authenticated, remote malicious user to elevate privileges ...
Cisco Unity Connection 14su3
Cisco Unity Connection 12.5\\(1\\)su7
Cisco Unity Connection 12.5\\(1\\)su8
Cisco Unity Connection 14su2
Cisco Unified Communications Manager 12.5.1su8
Cisco Emergency Responder 14su3
Cisco Unity Connection 12.5\\(1\\)su6
Cisco Emergency Responder 12.5.1su8a
Cisco Emergency Responder 12.5.1su4
5.3
CVSSv3
CVE-2018-0203
A vulnerability in the SMTP relay of Cisco Unity Connection could allow an unauthenticated, remote malicious user to send unsolicited email messages, aka a Mail Relay Vulnerability. The vulnerability is due to improper handling of domain information in the affected software. An u...
Cisco Unity Connection -
6.1
CVSSv3
CVE-2019-1685
A vulnerability in the Security Assertion Markup Language (SAML) single sign-on (SSO) interface of Cisco Unity Connection could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. Th...
Cisco Unity Connection 12.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »