CVSS: 4.0EPSS: 0%CPEs: 113EXPL: 0CVE-2013-6978
https://notcve.org/view.php?id=CVE-2013-6978
The disaster recovery system (DRS) component in Cisco Unified Communications Manager (UCM) 9.1(1) and earlier allows remote authenticated users to obtain sensitive device information by reading "extraneous information" in HTML source code, aka Bug ID CSCuj39249. El componente disaster recovery system (DRS) en CIsco Unified Communications Manager (UCM) 9.1 (1) y anteriores permite usuarios remotos autenticados obtener información sensible dle dispositivo leyendo "extraneous information" en el código fuente HTML, tambien conocido como Bug ID CSCuj39249. • http://osvdb.org/101162 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6978 http://tools.cisco.com/security/center/viewAlert.x?alertId=32219 http://www.securityfocus.com/bid/64421 http://www.securitytracker.com/id/1029520 https://exchange.xforce.ibmcloud.com/vulnerabilities/89834 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.3EPSS: 0%CPEs: 113EXPL: 0CVE-2013-6688
https://notcve.org/view.php?id=CVE-2013-6688
Directory traversal vulnerability in the license-upload interface in the Enterprise License Manager (ELM) component in Cisco Unified Communications Manager 9.1(1) and earlier allows remote authenticated users to create arbitrary files via a crafted path, aka Bug ID CSCui58222. Vulnerabilidad de salto de directorio en la interfaz license-upload del componente Enterprise License Manager (ELM) de Cisco Unified Communications Manager 9.1(1) y anteriores permite a usuarios remotos autenticados crear archivos arbitrarios a través de rutas diseñadas, también conocido como Bug ID CSCui58222. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6688 http://tools.cisco.com/security/center/viewAlert.x?alertId=31759 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.9EPSS: 0%CPEs: 113EXPL: 0CVE-2013-6689
https://notcve.org/view.php?id=CVE-2013-6689
Cisco Unified Communications Manager (Unified CM) 9.1(1) and earlier allows local users to bypass file permissions, and read, modify, or create arbitrary files, via an "overload" of the command-line utility, aka Bug ID CSCui58229. Cisco Unified Communications Manager (Unified CM) 9.1 (1) y anteriores permite a usuarios locales eludir los permisos de archivos, y leer, modificar o crear ficheros arbitrariamente, a través de una "sobrecarga" de la utilidad de línea de comandos, también conocido como Bug ID CSCui58229. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6689 http://tools.cisco.com/security/center/viewAlert.x?alertId=31758 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 0CVE-2013-3459
https://notcve.org/view.php?id=CVE-2013-3459
Cisco Unified Communications Manager (Unified CM) 7.1(x) before 7.1(5b)su6a does not properly handle errors, which allows remote attackers to cause a denial of service (service disruption) via malformed registration messages, aka Bug ID CSCuf93466. Cisco Unified Communications Manager (Unified CM) v7.1(x) anterior a v7.1(5b)su6a no maneja adecuadamente los errores, lo que permite a atacantes remotos provocar una denegación de servicio (interrupción del servicio) a través de mensajes de registro con formato incorrecto, también conocido como Bug ID CSCuf93466. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130821-cucm http://www.securitytracker.com/id/1028938 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2013-3460
https://notcve.org/view.php?id=CVE-2013-3460
Memory leak in Cisco Unified Communications Manager (Unified CM) 8.5(x) before 8.5(1)su6, 8.6(x) before 8.6(2a)su3, and 9.x before 9.1(1) allows remote attackers to cause a denial of service (service disruption) via a high rate of UDP packets, aka Bug ID CSCub85597. Fuga de memoria en Cisco Unified Communications Manager (Unified CM) v8.5(x) anterior a v8.5(1)su6, v8.6(x) anterior a v8.6(2a)su3, y v9.x anterior a v9.1(1) permite a atacantes remotos provocar una denegación de servicio (interrupción del servicio) a través de una alta tasa de paquetes UDP, también conocido como Bug ID CSCub85597. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130821-cucm http://www.securitytracker.com/id/1028938 • CWE-399: Resource Management Errors •