Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Unified_communications_manager
(Cisco)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 234 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2013-08-05 | CVE-2013-3450 | Cross-site request forgery (CSRF) vulnerability in the User WebDialer page in Cisco Unified Communications Manager (Unified CM) allows remote attackers to hijack the authentication of arbitrary users for requests that dial calls, aka Bug ID CSCui13028. | Unified_communications_manager | N/A | ||
| 2013-08-05 | CVE-2013-3442 | The web portal in Cisco Unified Communications Manager (Unified CM) allows remote authenticated users to obtain sensitive stack-trace information via unspecified vectors that trigger a stack exception, aka Bug ID CSCug34854. | Unified_communications_manager | N/A | ||
| 2013-07-18 | CVE-2013-3434 | Untrusted search path vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allows local users to gain privileges by leveraging unspecified file-permission and environment-variable issues for privileged programs, aka Bug ID CSCui02242. | Unified_communications_manager | N/A | ||
| 2013-07-18 | CVE-2013-3433 | Untrusted search path vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allows local users to gain privileges by leveraging unspecified file-permission and environment-variable issues for privileged programs, aka Bug ID CSCui02276. | Unified_communications_manager | N/A | ||
| 2013-07-18 | CVE-2013-3412 | SQL injection vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(2) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuh81766. | Unified_communications_manager | N/A | ||
| 2013-07-18 | CVE-2013-3404 | SQL injection vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allows remote attackers to execute arbitrary SQL commands via unspecified vectors, leading to discovery of encrypted credentials by leveraging metadata, aka Bug ID CSCuh01051. | Unified_communications_manager | N/A | ||
| 2013-07-18 | CVE-2013-3403 | Multiple untrusted search path vulnerabilities in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allow local users to gain privileges by leveraging unspecified file-permission and environment-variable issues for privileged programs, aka Bug ID CSCuh73454. | Unified_communications_manager | N/A | ||
| 2013-07-18 | CVE-2013-3402 | An unspecified function in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(2) allows remote authenticated users to execute arbitrary commands via unknown vectors, aka Bug ID CSCuh73440. | Unified_communications_manager | N/A | ||
| 2013-06-26 | CVE-2013-3397 | Cross-site request forgery (CSRF) vulnerability in the Unified Serviceability component in Cisco Unified Communications Manager (CUCM) allows remote attackers to hijack the authentication of arbitrary users for requests that perform Unified Serviceability actions, aka Bug ID CSCuh10298. | Unified_communications_manager | N/A | ||
| 2013-05-04 | CVE-2013-1240 | The command-line interface in Cisco Unified Communications Manager (CUCM) does not properly validate input, which allows local users to read arbitrary files via unspecified vectors, aka Bug ID CSCue25770. | Unified_communications_manager | N/A |