Filtered by vendor Cisco
Subscriptions
Filtered by product Unified Communications Manager
Subscriptions
Total
237 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-6433 | 1 Cisco | 1 Unified Communications Manager | 2025-04-12 | N/A |
| SQL injection vulnerability in Cisco Unified Communications Manager 11.0(0.98000.225) allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCut66767. | ||||
| CVE-2014-3373 | 1 Cisco | 1 Unified Communications Manager | 2025-04-12 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the CCM Dialed Number Analyzer interface in the Server in Cisco Unified Communications Manager allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCup92550. | ||||
| CVE-2015-4295 | 1 Cisco | 1 Unified Communications Manager | 2025-04-12 | N/A |
| The Prime Collaboration Deployment component in Cisco Unified Communications Manager 10.5(3.10000.9) allows remote authenticated users to discover root credentials via a direct request to an unspecified URL, aka Bug ID CSCuv21819. | ||||
| CVE-2014-8008 | 1 Cisco | 1 Unified Communications Manager | 2025-04-12 | N/A |
| Absolute path traversal vulnerability in the Real-Time Monitoring Tool (RTMT) API in Cisco Unified Communications Manager (CUCM) allows remote authenticated users to read arbitrary files via a full pathname in an API command, aka Bug ID CSCur49414. | ||||
| CVE-2015-0717 | 1 Cisco | 1 Unified Communications Manager | 2025-04-12 | N/A |
| Cisco Unified Communications Manager 10.0(1.10000.12) allows local users to gain privileges via a command string in an unspecified parameter, aka Bug ID CSCut19546. | ||||
| CVE-2015-0751 | 1 Cisco | 2 Ip Phone 7861, Unified Communications Manager | 2025-04-12 | N/A |
| Cisco IP Phone 7861, when firmware from Cisco Unified Communications Manager 10.3(1) is used, allows remote attackers to cause a denial of service via crafted packets, aka Bug ID CSCus81800. | ||||
| CVE-2015-6425 | 1 Cisco | 1 Unified Communications Manager | 2025-04-12 | N/A |
| The WebApplications Identity Management subsystem in Cisco Unified Communications Manager 10.5(0.98000.88) allows remote attackers to cause a denial of service (subsystem outage) via invalid session tokens, aka Bug ID CSCul83786. | ||||
| CVE-2014-3363 | 1 Cisco | 1 Unified Communications Manager | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in the web framework in Cisco Unified Communications Manager (UCM) 9.1(2.10000.28) allows remote authenticated users to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCuq68443. | ||||
| CVE-2014-3332 | 1 Cisco | 1 Unified Communications Manager | 2025-04-12 | N/A |
| Cisco Unified Communications Manager (CM) 8.6(.2) and earlier has an incorrect CLI restrictions setting, which allows remote authenticated users to establish undetected concurrent logins via unspecified vectors, aka Bug ID CSCup98029. | ||||
| CVE-2014-3366 | 1 Cisco | 1 Unified Communications Manager | 2025-04-12 | N/A |
| SQL injection vulnerability in the administrative web interface in Cisco Unified Communications Manager allows remote authenticated users to execute arbitrary SQL commands via a crafted response, aka Bug ID CSCup88089. | ||||
| CVE-2014-3316 | 1 Cisco | 1 Unified Communications Manager | 2025-04-12 | N/A |
| The Multiple Analyzer in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager allows remote authenticated users to bypass intended upload restrictions via a crafted parameter, aka Bug ID CSCup76297. | ||||
| CVE-2014-3317 | 1 Cisco | 1 Unified Communications Manager | 2025-04-12 | N/A |
| Directory traversal vulnerability in the Multiple Analyzer in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager 10.0(1) allows remote authenticated users to delete arbitrary files via a crafted URL, aka Bug ID CSCup76314. | ||||
| CVE-2014-3372 | 1 Cisco | 1 Unified Communications Manager | 2025-04-12 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the CCM reports interface in the Server in Cisco Unified Communications Manager allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuq90589. | ||||
| CVE-2016-6364 | 1 Cisco | 1 Unified Communications Manager | 2025-04-12 | N/A |
| The User Data Services (UDS) API implementation in Cisco Unified Communications Manager 11.5 allows remote attackers to bypass intended access restrictions and obtain sensitive information via unspecified API calls, aka Bug ID CSCux67855. | ||||
| CVE-2014-2185 | 1 Cisco | 1 Unified Communications Manager | 2025-04-12 | N/A |
| The Call Detail Records (CDR) Management component in Cisco Unified Communications Manager (Unified CM) allows remote authenticated users to obtain sensitive information by reading extraneous fields in an HTML document, aka Bug ID CSCun74374. | ||||
| CVE-2014-7991 | 1 Cisco | 1 Unified Communications Manager | 2025-04-12 | N/A |
| The Remote Mobile Access Subsystem in Cisco Unified Communications Manager (CM) 10.0(1) and earlier does not properly validate the Subject Alternative Name (SAN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof VCS core devices via a crafted certificate issued by a legitimate Certification Authority, aka Bug ID CSCuq86376. | ||||
| CVE-2015-4206 | 1 Cisco | 1 Unified Communications Manager | 2025-04-12 | N/A |
| Cisco Unified Communications Manager (UCM) 8.0 through 8.6 allows remote attackers to bypass an XSS protection mechanism via a crafted parameter, aka Bug ID CSCuu15266. | ||||
| CVE-2014-3292 | 1 Cisco | 1 Unified Communications Manager | 2025-04-12 | N/A |
| The Real Time Monitoring Tool (RTMT) implementation in Cisco Unified Communications Manager (Unified CM) allows remote authenticated users to (1) read or (2) delete arbitrary files via a crafted URL, aka Bug IDs CSCuo17302 and CSCuo17199. | ||||
| CVE-2015-4269 | 1 Cisco | 1 Unified Communications Manager | 2025-04-12 | N/A |
| The Tomcat throttling feature in Cisco Unified Communications Manager 10.5(1.99995.9) allows remote authenticated users to cause a denial of service (management outage) by sending many requests, aka Bug ID CSCuu99709. | ||||
| CVE-2014-2184 | 1 Cisco | 1 Unified Communications Manager | 2025-04-12 | N/A |
| The IP Manager Assistant (IPMA) component in Cisco Unified Communications Manager (Unified CM) allows remote attackers to obtain sensitive information via a crafted URL, aka Bug ID CSCun74352. | ||||