CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2008-2730
https://notcve.org/view.php?id=CVE-2008-2730
26 Jun 2008 — The Real-Time Information Server (RIS) Data Collector service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3) and 6.x before 6.1(1) allows remote attackers to bypass authentication, and obtain cluster configuration information and statistics, via a direct TCP connection to the service port, aka Bug ID CSCsj90843. El Servicio Real -Time Information Server (RIS) Data Collector de Cisco Unified Communications Manager (CUCM) 5.x versiones anteriores a la 5.1(3) y 6.x versiones anteriores a la 6... • http://secunia.com/advisories/30848 • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 0%CPEs: 13EXPL: 0CVE-2008-1742
https://notcve.org/view.php?id=CVE-2008-1742
16 May 2008 — Memory leak in the Certificate Trust List (CTL) Provider service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3) allows remote attackers to cause a denial of service (memory consumption and service interruption) via a series of malformed TCP packets, as demonstrated by TCPFUZZ, aka Bug ID CSCsj80609. Fugas de memoria en el servicio Certificate Trust List (CTL) Provider de Cisco Unified Communications Manager (CUCM) 5.x versiones anteriores a 5.1(3) permite a atacantes remotos provocar una d... • http://secunia.com/advisories/30238 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 1%CPEs: 2EXPL: 0CVE-2008-1743
https://notcve.org/view.php?id=CVE-2008-1743
16 May 2008 — Memory leak in the Certificate Trust List (CTL) Provider service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3) and 6.x before 6.1(1) allows remote attackers to cause a denial of service (memory consumption and service interruption) via a series of malformed TCP packets, aka Bug ID CSCsi98433. Fugas de memoria en el servicio Certificate Trust List (CTL) Provider service de Cisco Unified Communications Manager (CUCM) 5.x versiones anteriores a 5.1(3) y 6.x versiones anteriores a 6.1(1) perm... • http://secunia.com/advisories/30238 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 1%CPEs: 20EXPL: 0CVE-2008-1744
https://notcve.org/view.php?id=CVE-2008-1744
16 May 2008 — The Certificate Authority Proxy Function (CAPF) service in Cisco Unified Communications Manager (CUCM) 4.1 before 4.1(3)SR7, 4.2 before 4.2(3)SR4, and 4.3 before 4.3(2) allows remote attackers to cause a denial of service (service crash) via malformed network traffic, aka Bug ID CSCsk46770. El servicio Certificate Authority Proxy Function (CAPF) service de Cisco Unified Communications Manager (CUCM) 4.1 versiones anteriores a 4.1(3)SR7, 4.2 versiones anteriores a 4.2(3)SR4, y 4.3 versiones anteriores a 4.3(... • http://secunia.com/advisories/30238 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 1%CPEs: 21EXPL: 0CVE-2008-1745
https://notcve.org/view.php?id=CVE-2008-1745
16 May 2008 — Cisco Unified Communications Manager (CUCM) 5.x before 5.1(2) and 6.x before 6.1(1) allows remote attackers to cause a denial of service (service interruption) via a SIP JOIN message with a malformed header, aka Bug ID CSCsi48115. Cisco Unified Communications Manager (CUCM) 5.x versiones anteriores a 5.1(2) y 6.x versiones anteriores a 6.1(1) permite a atacantes remotos provocar una denegación de servicio (interrupción del servicio) a través de un mensaje SIP JOIN con una cabecera malformada, también conoci... • http://secunia.com/advisories/30238 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 1%CPEs: 18EXPL: 0CVE-2008-1746
https://notcve.org/view.php?id=CVE-2008-1746
16 May 2008 — The SNMP Trap Agent service in Cisco Unified Communications Manager (CUCM) 4.1 before 4.1(3)SR6, 4.2 before 4.2(3)SR3, 4.3 before 4.3(2), 5.x before 5.1(3), and 6.x before 6.1(1) allows remote attackers to cause a denial of service (core dump and service restart) via a series of malformed UDP packets, as demonstrated by the IP Stack Integrity Checker (ISIC), aka Bug ID CSCsj24113. El servicio SNMP Trap Agent de Cisco Unified Communications Manager (CUCM) 4.1 versiones anteriores a 4.1(3)SR6, 4.2 versiones a... • http://secunia.com/advisories/30238 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 2%CPEs: 5EXPL: 0CVE-2008-1747
https://notcve.org/view.php?id=CVE-2008-1747
16 May 2008 — Unspecified vulnerability in Cisco Unified Communications Manager 4.1 before 4.1(3)SR6, 4.2 before 4.2(3)SR3, 4.3 before 4.3(2), 5.x before 5.1(3), and 6.x before 6.1(1) allows remote attackers to cause a denial of service (CCM service restart) via an unspecified SIP INVITE message, aka Bug ID CSCsk46944. Vulnerabilidad no especificada en Cisco Unified Communications Manager 4.1 versiones anteriores a 4.1(3)SR6, 4.2 versiones anteriores a 4.2(3)SR3, 4.3 versiones anteriores a 4.3(2), 5.x versiones anteriore... • http://secunia.com/advisories/30238 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 2%CPEs: 5EXPL: 0CVE-2008-1748
https://notcve.org/view.php?id=CVE-2008-1748
16 May 2008 — Cisco Unified Communications Manager 4.1 before 4.1(3)SR7, 4.2 before 4.2(3)SR4, 4.3 before 4.3(2), 5.x before 5.1(3), and 6.x before 6.1(1) does not properly validate SIP URLs, which allows remote attackers to cause a denial of service (service interruption) via a SIP INVITE message, aka Bug ID CSCsl22355. Cisco Unified Communications Manager 4.1 versiones anteriores a 4.1(3)SR7, 4.2 versiones anteriores a 4.2(3)SR4, 4.3 versiones anteriores a 4.3(2), 5.x versiones anteriores a 5.1(3), y 6.x versiones ante... • http://secunia.com/advisories/30238 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 5%CPEs: 8EXPL: 0CVE-2008-1154
https://notcve.org/view.php?id=CVE-2008-1154
04 Apr 2008 — The Disaster Recovery Framework (DRF) master server in Cisco Unified Communications products, including Unified Communications Manager (CUCM) 5.x and 6.x, Unified Presence 1.x and 6.x, Emergency Responder 2.x, and Mobility Manager 2.x, does not require authentication for requests received from the network, which allows remote attackers to execute arbitrary code via unspecified vectors. El Disaster Recovery Framework (DRF) Master Server en productos Cisco Unified Communications, incluyendo Unified Communicat... • http://secunia.com/advisories/29670 • CWE-287: Improper Authentication •
CVSS: 8.8EPSS: 0%CPEs: 20EXPL: 1CVE-2008-0026 – Cisco Unified Communications Manager 6.1 - 'key' SQL Injection
https://notcve.org/view.php?id=CVE-2008-0026
14 Feb 2008 — SQL injection vulnerability in Cisco Unified CallManager/Communications Manager (CUCM) 5.0/5.1 before 5.1(3a) and 6.0/6.1 before 6.1(1a) allows remote authenticated users to execute arbitrary SQL commands via the key parameter to the (1) admin and (2) user interface pages. Una vulnerabilidad de la inyección SQL en Cisco Unified CallManager/Communications Manager (CUCM) versiones 5.0/5.1 anteriores a 5.1(3a) y versiones 6.0/6.1 anteriores a 6.1(1a), permite a los usuarios autenticados remotos ejecutar comand... • https://www.exploit-db.com/exploits/31189 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •