Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco unity connection - vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv2
CVE-2012-3060
Cisco Unity Connection (UC) 8.6, 9.0, and 9.5 allows remote malicious users to cause a denial of service (CPU consumption) via malformed UDP packets, aka Bug ID CSCtz76269.
Cisco Unity Connection 9.5
Cisco Unity Connection 8.6
Cisco Unity Connection 9.0
4.3
CVSSv2
CVE-2014-2125
Cross-site scripting (XSS) vulnerability in the Web Inbox in Cisco Unity Connection 8.6(2a)SU3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCui33028.
Cisco Unity Connection 8.6
Cisco Unity Connection 8.6\\(1a\\)
Cisco Unity Connection 8.6\\(2a\\)
Cisco Unity Connection
6.5
CVSSv2
CVE-2015-6299
SQL injection vulnerability in the web interface in Cisco Unity Connection 9.1(1.2) and previous versions allows remote authenticated users to execute arbitrary SQL commands via a crafted POST request, aka Bug ID CSCuv63824.
Cisco Unity Connection 9.1\\(1\\)
Cisco Unity Connection 9.1\\(2\\)
6.8
CVSSv2
CVE-2015-0716
Cross-site request forgery (CSRF) vulnerability in the CUCReports page in Cisco Unity Connection 11.0(0.98000.225) and 11.0(0.98000.332) allows remote malicious users to hijack the authentication of arbitrary users, aka Bug ID CSCut33659.
Cisco Unity Connection 11.0\\(0.98000.332\\)
Cisco Unity Connection 11.0\\(0.98000.225\\)
4.3
CVSSv2
CVE-2016-1304
Cross-site scripting (XSS) vulnerability in Cisco Unity Connection 10.5(2.3009) allows remote malicious users to inject arbitrary web script or HTML via a crafted value, aka Bug ID CSCux82596.
Cisco Unity Connection 10.5\\(2.3009\\)
4.3
CVSSv2
CVE-2015-6390
Cross-site scripting (XSS) vulnerability in the management interface in Cisco Unity Connection 9.1(1.10) allows remote malicious users to inject arbitrary web script or HTML via a crafted value in a URL, aka Bug ID CSCup92741.
Cisco Unity Connection 9.1\\(1.10\\)
4.3
CVSSv2
CVE-2016-1310
Cross-site scripting (XSS) vulnerability in Cisco Unity Connection 11.5(0.199) allows remote malicious users to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuy09033.
Cisco Unity Connection 11.5\\\\\\(0.199\\\\\\)
6.8
CVSSv2
CVE-2015-6408
Cross-site request forgery (CSRF) vulnerability in Cisco Unity Connection 11.5(0.98) allows remote malicious users to hijack the authentication of arbitrary users, aka Bug ID CSCux24578.
Cisco Unity Connection 11.5\\(0.98\\)
9
CVSSv2
CVE-2014-3333
The server in Cisco Unity Connection 9.1(1) and 9.1(2) allows remote authenticated users to obtain privileged access by conducting an "HTTP Intercept" attack and leveraging the ability to read files within the context of the web-server user account, aka Bug ID CSCup4101...
Cisco Unity Connection 9.1\\(1\\)
Cisco Unity Connection 9.1\\(2\\)
4
CVSSv2
CVE-2014-2145
Directory traversal vulnerability in the messaging API in Cisco Unity Connection allows remote authenticated users to read arbitrary files via vectors related to unenforced access constraints for .wav files and the audio/x-wav MIME type, aka Bug ID CSCun91071.
Cisco Unity Connection -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »