Page 20 of 116 results (0.008 seconds)

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0

The Real-Time Information Server (RIS) Data Collector service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3) and 6.x before 6.1(1) allows remote attackers to bypass authentication, and obtain cluster configuration information and statistics, via a direct TCP connection to the service port, aka Bug ID CSCsj90843. El Servicio Real -Time Information Server (RIS) Data Collector de Cisco Unified Communications Manager (CUCM) 5.x versiones anteriores a la 5.1(3) y 6.x versiones anteriores a la 6.1(1) permite a atacantes remotos evitar la autenticación y obtener información sobre la configuración en cluster y estadísticas, a través de una conexión directa TCP al puerto de servicio, también conocida como Bug ID CSCsj90843. • http://secunia.com/advisories/30848 http://www.cisco.com/en/US/products/products_security_advisory09186a00809b9011.shtml http://www.securityfocus.com/bid/29935 http://www.securitytracker.com/id?1020361 http://www.vupen.com/english/advisories/2008/1933/references https://exchange.xforce.ibmcloud.com/vulnerabilities/43355 • CWE-287: Improper Authentication •

CVSS: 7.8EPSS: 1%CPEs: 2EXPL: 0

The Computer Telephony Integration (CTI) Manager service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3c) and 6.x before 6.1(2) allows remote attackers to cause a denial of service (TSP crash) via malformed network traffic to TCP port 2748. El Servicio Computer Telephony Integration (CTI) Manager de Cisco Unified Communications Manager (CUCM) 5.x versiones anteriores a la 5.1(3c) y 6.x versiones anteriores a la 6.1(2) permite a atacantes remotos provocar una denegación de servicio (caída TSP) a través de tráfico mal formado de red al puerto TCP 2748. • http://secunia.com/advisories/30848 http://www.cisco.com/en/US/products/products_security_advisory09186a00809b9011.shtml http://www.securityfocus.com/bid/29933 http://www.securitytracker.com/id?1020360 http://www.vupen.com/english/advisories/2008/1933/references https://exchange.xforce.ibmcloud.com/vulnerabilities/43349 • CWE-20: Improper Input Validation •

CVSS: 7.8EPSS: 1%CPEs: 5EXPL: 0

Cisco Unified Communications Manager 4.1 before 4.1(3)SR7, 4.2 before 4.2(3)SR4, 4.3 before 4.3(2), 5.x before 5.1(3), and 6.x before 6.1(1) does not properly validate SIP URLs, which allows remote attackers to cause a denial of service (service interruption) via a SIP INVITE message, aka Bug ID CSCsl22355. Cisco Unified Communications Manager 4.1 versiones anteriores a 4.1(3)SR7, 4.2 versiones anteriores a 4.2(3)SR4, 4.3 versiones anteriores a 4.3(2), 5.x versiones anteriores a 5.1(3), y 6.x versiones anteriores a 6.1(1) no valida apropiadamente URLs SIP, lo cual permite a atacantes remotos provocar una denegación de servicio (interrupción del servicio) a través de un mensaje SIP INVITE, también conocido como ug ID CSCsl22355. • http://secunia.com/advisories/30238 http://securitytracker.com/id?1020022 http://www.cisco.com/en/US/products/products_security_advisory09186a0080995688.shtml http://www.securityfocus.com/bid/29221 http://www.vupen.com/english/advisories/2008/1533 https://exchange.xforce.ibmcloud.com/vulnerabilities/42419 • CWE-20: Improper Input Validation •

CVSS: 7.8EPSS: 2%CPEs: 18EXPL: 0

The SNMP Trap Agent service in Cisco Unified Communications Manager (CUCM) 4.1 before 4.1(3)SR6, 4.2 before 4.2(3)SR3, 4.3 before 4.3(2), 5.x before 5.1(3), and 6.x before 6.1(1) allows remote attackers to cause a denial of service (core dump and service restart) via a series of malformed UDP packets, as demonstrated by the IP Stack Integrity Checker (ISIC), aka Bug ID CSCsj24113. El servicio SNMP Trap Agent de Cisco Unified Communications Manager (CUCM) 4.1 versiones anteriores a 4.1(3)SR6, 4.2 versiones anteriores a 4.2(3)SR3, 4.3 versiones anteriores a 4.3(2), 5.x versiones anteriores a 5.1(3), y 6.x versiones anteriores a 6.1(1) permite a atacantes remotos provocar una denegación de servicio (core dump y reinicio del servicio) a través de una serie de paquetes UDP malformados, como lo demostrado por IP Stack Integrity Checker (ISIC), también conocido como Bug ID CSCsj24113. • http://secunia.com/advisories/30238 http://securitytracker.com/id?1020022 http://www.cisco.com/en/US/products/products_security_advisory09186a0080995688.shtml http://www.securityfocus.com/bid/29221 http://www.vupen.com/english/advisories/2008/1533 https://exchange.xforce.ibmcloud.com/vulnerabilities/42420 • CWE-20: Improper Input Validation •

CVSS: 7.8EPSS: 2%CPEs: 21EXPL: 0

Cisco Unified Communications Manager (CUCM) 5.x before 5.1(2) and 6.x before 6.1(1) allows remote attackers to cause a denial of service (service interruption) via a SIP JOIN message with a malformed header, aka Bug ID CSCsi48115. Cisco Unified Communications Manager (CUCM) 5.x versiones anteriores a 5.1(2) y 6.x versiones anteriores a 6.1(1) permite a atacantes remotos provocar una denegación de servicio (interrupción del servicio) a través de un mensaje SIP JOIN con una cabecera malformada, también conocido como Bug ID CSCsi48115. • http://secunia.com/advisories/30238 http://securitytracker.com/id?1020022 http://www.cisco.com/en/US/products/products_security_advisory09186a0080995688.shtml http://www.securityfocus.com/bid/29221 http://www.vupen.com/english/advisories/2008/1533 https://exchange.xforce.ibmcloud.com/vulnerabilities/42417 • CWE-20: Improper Input Validation •