Filtered by vendor Cisco
Subscriptions
Filtered by product Unified Communications Manager
Subscriptions
Total
236 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2012-0376 | 1 Cisco | 1 Unified Communications Manager | 2025-04-11 | N/A |
The voice-sipstack component in Cisco Unified Communications Manager (CUCM) 8.5 allows remote attackers to cause a denial of service (core dump) via vectors involving SIP messages that arrive after an upgrade, aka Bug ID CSCtj87367. | ||||
CVE-2012-3949 | 1 Cisco | 3 Ios, Ios Xe, Unified Communications Manager | 2025-04-11 | N/A |
The SIP implementation in Cisco Unified Communications Manager (CUCM) 6.x and 7.x before 7.1(5b)su5, 8.x before 8.5(1)su4, and 8.6 before 8.6(2a)su1; Cisco IOS 12.2 through 12.4 and 15.0 through 15.2; and Cisco IOS XE 3.3.xSG before 3.3.1SG, 3.4.xS, and 3.5.xS allows remote attackers to cause a denial of service (service crash or device reload) via a crafted SIP message containing an SDP session description, aka Bug IDs CSCtw66721, CSCtj33003, and CSCtw84664. | ||||
CVE-2013-1134 | 1 Cisco | 1 Unified Communications Manager | 2025-04-11 | N/A |
The Location Bandwidth Manager (LBM) Intracluster-communication feature in Cisco Unified Communications Manager (CUCM) 9.x before 9.1(1) does not require authentication from the remote LBM Hub node, which allows remote attackers to conduct cache-poisoning attacks against transaction records, and cause a denial of service (bandwidth-pool consumption and call outage), via unspecified vectors, aka Bug ID CSCub28920. | ||||
CVE-2013-1188 | 1 Cisco | 1 Unified Communications Manager | 2025-04-11 | N/A |
Cisco Unified Communications Manager (CUCM) does not properly limit the rate of authentication attempts, which allows remote attackers to cause a denial of service (application slowdown) via a series of requests, aka Bug ID CSCud39515. | ||||
CVE-2013-1240 | 1 Cisco | 1 Unified Communications Manager | 2025-04-11 | N/A |
The command-line interface in Cisco Unified Communications Manager (CUCM) does not properly validate input, which allows local users to read arbitrary files via unspecified vectors, aka Bug ID CSCue25770. | ||||
CVE-2013-3397 | 1 Cisco | 1 Unified Communications Manager | 2025-04-11 | N/A |
Cross-site request forgery (CSRF) vulnerability in the Unified Serviceability component in Cisco Unified Communications Manager (CUCM) allows remote attackers to hijack the authentication of arbitrary users for requests that perform Unified Serviceability actions, aka Bug ID CSCuh10298. | ||||
CVE-2013-3402 | 1 Cisco | 1 Unified Communications Manager | 2025-04-11 | N/A |
An unspecified function in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(2) allows remote authenticated users to execute arbitrary commands via unknown vectors, aka Bug ID CSCuh73440. | ||||
CVE-2013-3403 | 1 Cisco | 1 Unified Communications Manager | 2025-04-11 | N/A |
Multiple untrusted search path vulnerabilities in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allow local users to gain privileges by leveraging unspecified file-permission and environment-variable issues for privileged programs, aka Bug ID CSCuh73454. | ||||
CVE-2013-3404 | 1 Cisco | 1 Unified Communications Manager | 2025-04-11 | N/A |
SQL injection vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allows remote attackers to execute arbitrary SQL commands via unspecified vectors, leading to discovery of encrypted credentials by leveraging metadata, aka Bug ID CSCuh01051. | ||||
CVE-2013-3433 | 1 Cisco | 1 Unified Communications Manager | 2025-04-11 | N/A |
Untrusted search path vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allows local users to gain privileges by leveraging unspecified file-permission and environment-variable issues for privileged programs, aka Bug ID CSCui02276. | ||||
CVE-2013-3434 | 1 Cisco | 1 Unified Communications Manager | 2025-04-11 | N/A |
Untrusted search path vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allows local users to gain privileges by leveraging unspecified file-permission and environment-variable issues for privileged programs, aka Bug ID CSCui02242. | ||||
CVE-2013-3442 | 1 Cisco | 1 Unified Communications Manager | 2025-04-11 | N/A |
The web portal in Cisco Unified Communications Manager (Unified CM) allows remote authenticated users to obtain sensitive stack-trace information via unspecified vectors that trigger a stack exception, aka Bug ID CSCug34854. | ||||
CVE-2013-3450 | 1 Cisco | 1 Unified Communications Manager | 2025-04-11 | N/A |
Cross-site request forgery (CSRF) vulnerability in the User WebDialer page in Cisco Unified Communications Manager (Unified CM) allows remote attackers to hijack the authentication of arbitrary users for requests that dial calls, aka Bug ID CSCui13028. | ||||
CVE-2013-3451 | 1 Cisco | 1 Unified Communications Manager | 2025-04-11 | N/A |
Multiple cross-site request forgery (CSRF) vulnerabilities in Cisco Unified Communications Manager (Unified CM) allow remote attackers to hijack the authentication of arbitrary users for requests that perform arbitrary Unified CM operations, aka Bug ID CSCui13033. | ||||
CVE-2013-3461 | 1 Cisco | 1 Unified Communications Manager | 2025-04-11 | N/A |
Cisco Unified Communications Manager (Unified CM) 8.5(x) and 8.6(x) before 8.6(2a)su3 and 9.x before 9.1(1) does not properly restrict the rate of SIP packets, which allows remote attackers to cause a denial of service (memory and CPU consumption, and service disruption) via a flood of UDP packets to port 5060, aka Bug ID CSCub35869. | ||||
CVE-2013-3462 | 1 Cisco | 1 Unified Communications Manager | 2025-04-11 | N/A |
Buffer overflow in Cisco Unified Communications Manager (Unified CM) 7.1(x) before 7.1(5b)su6, 8.5(x) before 8.5(1)su6, 8.6(x) before 8.6(2a)su3, and 9.x before 9.1(2) allows remote authenticated users to execute arbitrary code via unspecified vectors, aka Bug ID CSCud54358. | ||||
CVE-2013-6688 | 1 Cisco | 1 Unified Communications Manager | 2025-04-11 | N/A |
Directory traversal vulnerability in the license-upload interface in the Enterprise License Manager (ELM) component in Cisco Unified Communications Manager 9.1(1) and earlier allows remote authenticated users to create arbitrary files via a crafted path, aka Bug ID CSCui58222. | ||||
CVE-2014-0657 | 1 Cisco | 1 Unified Communications Manager | 2025-04-11 | N/A |
The administration portal in Cisco Unified Communications Manager (Unified CM) 9.1(1) and earlier does not properly handle role restrictions, which allows remote authenticated users to bypass role-based access control via multiple visits to a forbidden portal URL, aka Bug ID CSCuj83540. | ||||
CVE-2014-0686 | 1 Cisco | 1 Unified Communications Manager | 2025-04-11 | N/A |
Cisco Unified Communications Manager (aka Unified CM) 9.1 (2.10000.28) and earlier allows local users to gain privileges by leveraging incorrect file permissions, aka Bug IDs CSCul24917 and CSCul24908. | ||||
CVE-2014-0723 | 1 Cisco | 1 Unified Communications Manager | 2025-04-11 | N/A |
Cross-site scripting (XSS) vulnerability in the IP Manager Assistant (IPMA) interface in Cisco Unified Communications Manager (UCM) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCum05343. |