CVE-2014-3328
https://notcve.org/view.php?id=CVE-2014-3328
The Intercluster Sync Agent Service in Cisco Unified Presence Server allows remote attackers to cause a denial of service via a TCP SYN flood, aka Bug ID CSCun34125. Intercluster Sync Agent Service en Cisco Unified Presence Server permite a atacantes remotos causar una denegación de servicio a través de una inundación de paquetes TCP SYN, también conocido como Bug ID CSCun34125. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3328 http://www.securityfocus.com/bid/68901 http://www.securitytracker.com/id/1030643 https://exchange.xforce.ibmcloud.com/vulnerabilities/94879 • CWE-400: Uncontrolled Resource Consumption •
CVE-2013-6983
https://notcve.org/view.php?id=CVE-2013-6983
SQL injection vulnerability in the web interface in Cisco Unified Presence Server allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCuh35615. Vulnerabilidad de inyección SQL en la interfaz web de Cisco Unified Presence Server permite a los usuarios remotos autenticados ejecutar comandos SQL a través de una URL manipulada, también conocido como Bug ID CSCuh35615. • http://osvdb.org/101514 http://secunia.com/advisories/56273 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6983 http://www.securityfocus.com/bid/64551 http://www.securitytracker.com/id/1029547 https://exchange.xforce.ibmcloud.com/vulnerabilities/90011 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2013-1242
https://notcve.org/view.php?id=CVE-2013-1242
Memory leak in the web framework in the server in Cisco Unified Presence (CUP) allows remote attackers to cause a denial of service (memory consumption) via malformed TCP packets, aka Bug ID CSCug38080. Fuga de memoria en el framework web en el servidor de Cisco Unified Presence (CUP) permite a atacantes remotos provocar una denegación de servicio (consumo de memoria), a través de paquetes TCP mal formados, también conocido como Bug ID CSCug38080. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1242 • CWE-399: Resource Management Errors •
CVE-2013-1137
https://notcve.org/view.php?id=CVE-2013-1137
Cisco Unified Presence Server (CUPS) 8.6, 9.0, and 9.1 before 9.1.1 allows remote attackers to cause a denial of service (CPU consumption) via crafted packets to the SIP TCP port, aka Bug ID CSCua89930. Cisco Unified Presence Server (CUPS) v8.6, v9.0 y v9.1 antes de v9.1.1 permite a atacantes remotos provocar una denegación de servicio (consumo de CPU) a través de paquetes diseñados al puerto SIP TCP, conocido como Bug ID CSCua89930. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130227-cups • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2011-1643
https://notcve.org/view.php?id=CVE-2011-1643
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x, 7.x before 7.1(5b)su4, 8.0, and 8.5 before 8.5(1)su2 and Cisco Unified Presence Server 6.x, 7.x, 8.0, and 8.5 before 8.5xnr allow remote attackers to read database data by connecting to a query interface through an SSL session, aka Bug IDs CSCti81574, CSCto63060, CSCto72183, and CSCto73833. Cisco Unified Communications Manager (también conocido como CUCM o formerly CallManager) v6.x, v7.x antes de v7.1(5b)su4, v8.0, y v8.5 antes de v8.5(1)su2 y Cisco Unified Presence Server v6.x, v7.x, v8.0, y v8.5 antes de v8.5xnr, permite a atacantes remotos leer datos de la base de datos conectandose a la interfaz de consulta a través de una sesión SSL, también conocido como Bug IDs CSCti81574, CSCto63060, CSCto72183 y CSCto73833. • http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8f532.shtml • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •