Unified_communications_manager - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Unified_communications_manager
(Cisco)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	234

Date	Id	Summary	Products	Score	Patch	Annotated
2014-02-27	CVE-2014-0741	The certificate-import feature in the Certificate Authority Proxy Function (CAPF) CLI implementation in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows local users to read or modify arbitrary files via a crafted command, aka Bug ID CSCum95461.	Unified_communications_manager	N/A
2014-02-27	CVE-2014-0740	Cross-site request forgery (CSRF) vulnerability in the Call Detail Records Analysis and Reporting (CAR) interface in the OS Administration component in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to hijack the authentication of administrators for requests that make administrative changes, aka Bug ID CSCun00701.	Unified_communications_manager	N/A
2014-02-20	CVE-2014-0736	Cross-site request forgery (CSRF) vulnerability in the Call Detail Records Analysis and Reporting (CAR) page in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to hijack the authentication of arbitrary users for requests that make CAR modifications, aka Bug ID CSCum46468.	Unified_communications_manager	N/A
2014-02-20	CVE-2014-0735	Cross-site scripting (XSS) vulnerability in the IP Manager Assistant (IPMA) interface in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCum46470.	Unified_communications_manager	N/A
2014-02-20	CVE-2014-0734	SQL injection vulnerability in the Certificate Authority Proxy Function (CAPF) implementation in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCum46483.	Unified_communications_manager	N/A
2014-02-20	CVE-2014-0733	The Enterprise License Manager (ELM) component in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier does not properly enforce authentication requirements, which allows remote attackers to read ELM files via a direct request to a URL, aka Bug ID CSCum46494.	Unified_communications_manager	N/A
2014-02-20	CVE-2014-0732	The Real Time Monitoring Tool (RTMT) web application in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier does not properly enforce authentication requirements, which allows remote attackers to read application files via a direct request to a URL, aka Bug ID CSCum46495.	Unified_communications_manager	N/A
2014-02-22	CVE-2014-0731	The administration interface in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to bypass authentication and read Java class files via a direct request, aka Bug ID CSCum46497.	Unified_communications_manager	N/A
2014-02-13	CVE-2014-0729	SQL injection vulnerability in the Enterprise Mobility Application (EMApp) interface in Cisco Unified Communications Manager (UCM) allows remote attackers to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCum05302.	Unified_communications_manager	N/A
2014-02-13	CVE-2014-0728	SQL injection vulnerability in the Java database interface in Cisco Unified Communications Manager (UCM) 10.0(1) and earlier allows remote attackers to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCum05313.	Unified_communications_manager	N/A