CVSS: 7.8EPSS: 0%CPEs: 23EXPL: 0CVE-2013-3459
https://notcve.org/view.php?id=CVE-2013-3459
Cisco Unified Communications Manager (Unified CM) 7.1(x) before 7.1(5b)su6a does not properly handle errors, which allows remote attackers to cause a denial of service (service disruption) via malformed registration messages, aka Bug ID CSCuf93466. Cisco Unified Communications Manager (Unified CM) v7.1(x) anterior a v7.1(5b)su6a no maneja adecuadamente los errores, lo que permite a atacantes remotos provocar una denegación de servicio (interrupción del servicio) a través de mensajes de registro con formato incorrecto, también conocido como Bug ID CSCuf93466. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130821-cucm http://www.securitytracker.com/id/1028938 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 115EXPL: 0CVE-2013-3453
https://notcve.org/view.php?id=CVE-2013-3453
Memory leak in Cisco Unified Communications Manager IM and Presence Service before 8.6(5)SU1 and 9.x before 9.1(2), and Cisco Unified Presence, allows remote attackers to cause a denial of service (memory and CPU consumption) by making many TCP connections to port (1) 5060 or (2) 5061, aka Bug ID CSCud84959. Fuga de memoria en Cisco Unified Communications Manager IM y Presence Service anterior a 8.6(5)SU1 y 9.x anterior a 9.1(2), y Cisco Unified Presence, permite a atacantes remotos provocar una denegación de servicio (consumo de CPU y memoria) realizando multitud de conexiones TCP a los puertos (1) 5060 o (2) 5061. Aka Bug ID CSCud84959. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130821-cup • CWE-399: Resource Management Errors •
CVSS: 6.5EPSS: 0%CPEs: 56EXPL: 0CVE-2013-3412
https://notcve.org/view.php?id=CVE-2013-3412
SQL injection vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(2) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuh81766. Vulnerabilidad de inyección SQL en el Cisco Unified Communications Manager (CUCM) v7.1(x) hasta v9.1(2) permite a atacantes remotos autenticados ejecutar comando arbitrarios SQL mediante vectores no especificados, también conocido como Bug ID CSCuh81766. • http://secunia.com/advisories/54249 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130717-cucm • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 6.5EPSS: 0%CPEs: 56EXPL: 0CVE-2013-3402
https://notcve.org/view.php?id=CVE-2013-3402
An unspecified function in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(2) allows remote authenticated users to execute arbitrary commands via unknown vectors, aka Bug ID CSCuh73440. Una función no especificada en Cisco Unified Communications Manager (CUCM) v7.1 (x) ahasta v9.1 (2) permite a usuarios remotos autenticados ejecutar código arbitrario a través de vectores desconocidos, también conocido como Bug ID CSCuh73440. • http://secunia.com/advisories/54249 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130717-cucm • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.8EPSS: 0%CPEs: 56EXPL: 0CVE-2013-3433
https://notcve.org/view.php?id=CVE-2013-3433
Untrusted search path vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allows local users to gain privileges by leveraging unspecified file-permission and environment-variable issues for privileged programs, aka Bug ID CSCui02276. Vulnerabilidad de ruta de búsqueda de no confianza en Cisco Unified Communications Manager (CUCM) v7.1 (x) hasta v9.1 (1a) permite a usuarios locales obtener privilegios mediante el aprovechamiento de los problemas de permisos de archivos y la variable de entorno especificadas para los programas privilegiados, también conocido como Bug ID CSCui02276. • http://osvdb.org/95404 http://secunia.com/advisories/54249 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130717-cucm http://www.securityfocus.com/bid/61297 •