CVSS: 10.0EPSS: 0%CPEs: 69EXPL: 0CVE-2011-1643
https://notcve.org/view.php?id=CVE-2011-1643
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x, 7.x before 7.1(5b)su4, 8.0, and 8.5 before 8.5(1)su2 and Cisco Unified Presence Server 6.x, 7.x, 8.0, and 8.5 before 8.5xnr allow remote attackers to read database data by connecting to a query interface through an SSL session, aka Bug IDs CSCti81574, CSCto63060, CSCto72183, and CSCto73833. Cisco Unified Communications Manager (también conocido como CUCM o formerly CallManager) v6.x, v7.x antes de v7.1(5b)su4, v8.0, y v8.5 antes de v8.5(1)su2 y Cisco Unified Presence Server v6.x, v7.x, v8.0, y v8.5 antes de v8.5xnr, permite a atacantes remotos leer datos de la base de datos conectandose a la interfaz de consulta a través de una sesión SSL, también conocido como Bug IDs CSCti81574, CSCto63060, CSCto72183 y CSCto73833. • http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8f532.shtml • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2011-2564
https://notcve.org/view.php?id=CVE-2011-2564
Unspecified vulnerability in the Service Advertisement Framework (SAF) in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 8.x before 8.5(1) and Cisco Intercompany Media Engine 8.x before 8.5(1) allows remote attackers to cause a denial of service (device reload) via crafted SAF packets, aka Bug ID CSCth19417. Vulnerabilidad no especificada en el Service Advertisement Framework (SAF) en Cisco Unified Communications Manager (también conocido cómo CUCM, formalmente CallManager) v8.x antes de v8.5(1) y Cisco Intercompany Media Engine v8.x antes de v8.5(1) permite a atacantes remotos provocar una denegación de servicio (reinicio del dispositivo) a través de paquetes SAF modificados, también conocido como Bug ID CSCth19417 • http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8f531.shtml http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8f533.shtml http://www.securitytracker.com/id?1025969 •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2011-2563
https://notcve.org/view.php?id=CVE-2011-2563
Unspecified vulnerability in the Service Advertisement Framework (SAF) in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 8.x before 8.5(1) and Cisco Intercompany Media Engine 8.x before 8.5(1) allows remote attackers to cause a denial of service (device reload) via crafted SAF packets, aka Bug ID CSCth26669. Vulnerabilidad no especificada en el Service Advertisement Framework (SAF) en Cisco Unified Communications Manager (también conocido como CUCM, CallManager) v8.xantes de v8.5(1) y Cisco Intercompany Media Engine v8.x antes de v8.5(1) permite a atacantes remotos provocar una denegación de servicio (reinicio del dispositivo) a través de paquetes SAF modificados, también conocido como Bug ID CSCth26669 • http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8f531.shtml http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8f533.shtml http://www.securitytracker.com/id?1025969 •
CVSS: 6.5EPSS: 0%CPEs: 46EXPL: 0CVE-2011-1607
https://notcve.org/view.php?id=CVE-2011-1607
Directory traversal vulnerability in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su3, 7.x before 7.1(5b)su3, 8.0 before 8.0(3a)su1, and 8.5 before 8.5(1) allows remote authenticated users to upload files to arbitrary directories via a modified pathname in an upload request, aka Bug ID CSCti81603. Vulnerabilidad de salto de directorio en Cisco Unified Communications Manager (también conocido como CUCM o CallManager) v6.x antes de v6.1(5)su3, 7.x antes de 7.1 (5b) SU3, 8.0 antes de 8.0 (3 bis) su1, y 8.5 antes de 8.5 (1) permite a usuarios autenticados remotamente subir archivos a directorios de su elección a través de una ruta modificada en una petición de subida, también conocido como Bug ID CSCti81603. • http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0051.html http://secunia.com/advisories/44331 http://www.cisco.com/en/US/products/products_security_advisory09186a0080b79904.shtml http://www.securityfocus.com/bid/47608 http://www.securitytracker.com/id?1025449 http://www.vupen.com/english/advisories/2011/1122 https://exchange.xforce.ibmcloud.com/vulnerabilities/67127 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: 2%CPEs: 45EXPL: 0CVE-2011-1606
https://notcve.org/view.php?id=CVE-2011-1606
Unspecified vulnerability in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su2, 7.x before 7.1(5)su1, 8.0 before 8.0(3), and 8.5 before 8.5(1) allows remote attackers to cause a denial of service (process failure) via a malformed SIP message, aka Bug ID CSCtg62855. Vulnerabilidad no especificada en Cisco Unified Communications Manager (también conocido como CUCM o CallManager) v6.x antes de v6.1(5)su2, v7.x antes de v7.1(5)su1, v8.0 antes de v8.0(3), y v8.5 antes de v8.5(1) permite a atacantes remotos provocar una denegación de servicio (fallo del proceso) a través de un mensaje SIP con formato incorrecto, también conocido como Bug ID CSCtg62855. • http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0051.html http://secunia.com/advisories/44331 http://www.cisco.com/en/US/products/products_security_advisory09186a0080b79904.shtml http://www.securityfocus.com/bid/47611 http://www.securitytracker.com/id?1025449 http://www.vupen.com/english/advisories/2011/1122 https://exchange.xforce.ibmcloud.com/vulnerabilities/67124 •