Unified_communications_manager - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Unified_communications_manager
(Cisco)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	236

Date	Id	Summary	Products	Score	Patch	Annotated
2016-02-09	CVE-2016-1317	Cisco Unified Communications Manager 11.5(0.98000.480) allows remote authenticated users to obtain sensitive database table-name and entity-name information via a direct request to an unspecified URL, aka Bug ID CSCuy11098.	Unified_communications_manager	4.3
2016-02-07	CVE-2016-1308	SQL injection vulnerability in Cisco Unified Communications Manager 10.5(2.13900.9) allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCux99227.	Unified_communications_manager	6.5
2016-01-08	CVE-2015-6433	SQL injection vulnerability in Cisco Unified Communications Manager 11.0(0.98000.225) allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCut66767.	Unified_communications_manager	6.5
2015-12-16	CVE-2015-6425	The WebApplications Identity Management subsystem in Cisco Unified Communications Manager 10.5(0.98000.88) allows remote attackers to cause a denial of service (subsystem outage) via invalid session tokens, aka Bug ID CSCul83786.	Unified_communications_manager	N/A
2015-07-31	CVE-2015-4295	The Prime Collaboration Deployment component in Cisco Unified Communications Manager 10.5(3.10000.9) allows remote authenticated users to discover root credentials via a direct request to an unspecified URL, aka Bug ID CSCuv21819.	Unified_communications_manager	N/A
2015-07-14	CVE-2015-4272	Multiple cross-site scripting (XSS) vulnerabilities in the ccmivr page in Cisco Unified Communications Manager (formerly CallManager) 10.5(2.10000.5) allow remote attackers to inject arbitrary web script or HTML via a crafted parameter, aka Bug ID CSCut19580.	Unified_communications_manager	N/A
2015-07-14	CVE-2015-4269	The Tomcat throttling feature in Cisco Unified Communications Manager 10.5(1.99995.9) allows remote authenticated users to cause a denial of service (management outage) by sending many requests, aka Bug ID CSCuu99709.	Unified_communications_manager	N/A
2015-12-15	CVE-2015-4206	Cisco Unified Communications Manager (UCM) 8.0 through 8.6 allows remote attackers to bypass an XSS protection mechanism via a crafted parameter, aka Bug ID CSCuu15266.	Unified_communications_manager	N/A
2015-05-29	CVE-2015-0751	Cisco IP Phone 7861, when firmware from Cisco Unified Communications Manager 10.3(1) is used, allows remote attackers to cause a denial of service via crafted packets, aka Bug ID CSCus81800.	Unified_communications_manager	N/A
2015-05-16	CVE-2015-0717	Cisco Unified Communications Manager 10.0(1.10000.12) allows local users to gain privileges via a command string in an unspecified parameter, aka Bug ID CSCut19546.	Unified_communications_manager	N/A