Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Emergency_responder
(Cisco)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 26 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2015-12-13 | CVE-2015-6405 | Cross-site request forgery (CSRF) vulnerability in Cisco Emergency Responder 10.5(1) and 10.5(1a) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuv26501. | Emergency_responder | N/A | ||
| 2015-12-13 | CVE-2015-6400 | Multiple cross-site scripting (XSS) vulnerabilities in Cisco Emergency Responder 10.5(1a) allow remote attackers to inject arbitrary web script or HTML via unspecified fields, aka Bug ID CSCuv25547. | Emergency_responder | N/A | ||
| 2014-04-04 | CVE-2014-2117 | Multiple open redirect vulnerabilities in Cisco Emergency Responder (ER) 8.6 and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified parameters, aka Bug ID CSCun37909. | Emergency_responder | N/A | ||
| 2014-04-04 | CVE-2014-2116 | Cisco Emergency Responder (ER) 8.6 and earlier allows remote attackers to inject web pages and modify dynamic content via unspecified parameters, aka Bug ID CSCun37882. | Emergency_responder | N/A | ||
| 2014-04-04 | CVE-2014-2115 | Multiple cross-site request forgery (CSRF) vulnerabilities in CERUserServlet pages in Cisco Emergency Responder (ER) 8.6 and earlier allow remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCun24250. | Emergency_responder | N/A | ||
| 2014-04-04 | CVE-2014-2114 | Cross-site scripting (XSS) vulnerability in UserServlet in Cisco Emergency Responder (ER) 8.6 and earlier allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCun24384. | Emergency_responder | N/A | ||
| 2012-08-06 | CVE-2012-1346 | Cisco Emergency Responder 8.6 and 9.2 allows remote attackers to cause a denial of service (CPU consumption) by sending malformed UDP packets to the CERPT port, aka Bug ID CSCtx38369. | Emergency_responder | N/A | ||
| 2008-04-04 | CVE-2008-1154 | The Disaster Recovery Framework (DRF) master server in Cisco Unified Communications products, including Unified Communications Manager (CUCM) 5.x and 6.x, Unified Presence 1.x and 6.x, Emergency Responder 2.x, and Mobility Manager 2.x, does not require authentication for requests received from the network, which allows remote attackers to execute arbitrary code via unspecified vectors. | Emergency_responder, Mobility_manager, Unified_communications_manager, Unified_presence | N/A | ||
| 2004-01-21 | CVE-2004-1760 | The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not require authentication, which allows remote attackers to gain administrator privileges by connecting to TCP port 14247. | Call_manager, Conference_connection, Emergency_responder, Internet_service_node, Ip_call_center_express_enhanced, Ip_call_center_express_standard, Ip_interactive_voice_response, Personal_assistant, Director_agent, Mcs\-7815\-1000, Mcs\-7815i\-2\.0, Mcs\-7835i\-2\.4, Mcs\-7835i\-3\.0, X330, X340, X342, X345 | N/A | ||
| 2004-01-21 | CVE-2004-1759 | Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, allows remote attackers to cause a denial of service (CPU consumption) via arbitrary packets to TCP port 14247, as demonstrated using port scanning. | Call_manager, Conference_connection, Emergency_responder, Internet_service_node, Ip_call_center_express_enhanced, Ip_call_center_express_standard, Ip_interactive_voice_response, Personal_assistant, Director_agent, Mcs\-7815\-1000, Mcs\-7815i\-2\.0, Mcs\-7835i\-2\.4, Mcs\-7835i\-3\.0, X330, X340, X342, X345 | N/A |