CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2015-0683
https://notcve.org/view.php?id=CVE-2015-0683
Cisco Unified Communications Domain Manager 8.1(4) allows remote authenticated users to obtain sensitive information via a file-inclusion attack, aka Bug ID CSCup94744. Cisco Unified Communications Domain Manager 8.1(4) permite a usuarios remotos autenticados obtener información sensible a través de un ataque de inclusión de ficheros, también conocido como Bug ID CSCup94744. • http://tools.cisco.com/security/center/viewAlert.x?alertId=38118 http://www.securitytracker.com/id/1032003 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-0682
https://notcve.org/view.php?id=CVE-2015-0682
Cisco Unified Communications Domain Manager 8.1(4) allows remote authenticated users to execute arbitrary code by visiting a "deprecated page," aka Bug ID CSCup90168. Cisco Unified Communications Domain Manager 8.1(4) permite a usuarios remotos autenticados ejecutar código arbitrario mediante la visita a una 'página obsoleta,' también conocido como Bug ID CSCup90168. • http://tools.cisco.com/security/center/viewAlert.x?alertId=38113 http://www.securitytracker.com/id/1032002 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2014-8008 – Cisco Unified Communications Manager - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2014-8008
Absolute path traversal vulnerability in the Real-Time Monitoring Tool (RTMT) API in Cisco Unified Communications Manager (CUCM) allows remote authenticated users to read arbitrary files via a full pathname in an API command, aka Bug ID CSCur49414. Vulnerabilidad de recorrido de directorio absoluto en la API Real-Time Monitoring Tool (RTMT) en Cisco Unified Communications Manager (CUCM) permite a usuarios remotos autenticados leer ficheros arbitrarios a través del nombre de ruta completo en un comando API, también conocido como Bug ID CSCur49414. • https://www.exploit-db.com/exploits/37816 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-8008 http://www.securityfocus.com/bid/72263 http://www.securitytracker.com/id/1031604 https://tools.cisco.com/security/center/viewAlert.x?alertId=37111 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2015-0591
https://notcve.org/view.php?id=CVE-2015-0591
Cisco Unified Communications Domain Manager (UCDM) 10 allows remote attackers to cause a denial of service (daemon hang and GUI outage) via a flood of malformed TCP packets, aka Bug ID CSCur44177. Cisco Unified Communications Domain Manager (UCDM) 10 permite a atacantes causar una denegación de servicio (cuelgue de demonio y interrupción de GUI) a través de una inundación de paquetes TCP malformados, también conocido como Bug ID CSCur44177. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0591 http://www.securityfocus.com/bid/72084 http://www.securitytracker.com/id/1031561 https://exchange.xforce.ibmcloud.com/vulnerabilities/100661 • CWE-399: Resource Management Errors •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-0588
https://notcve.org/view.php?id=CVE-2015-0588
Cross-site request forgery (CSRF) vulnerability in Cisco Unified Communications Domain Manager (UCDM) 10 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuo77055. Vulnerabilidad de CSRF en Cisco Unified Communications Domain Manager (UCDM) 10 permite a atacantes remotos secuestrar la autenticación de usuarios arbitrarios, también conocido como Bug ID CSCuo77055. • http://secunia.com/advisories/62352 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0588 http://www.securityfocus.com/bid/72082 http://www.securitytracker.com/id/1031559 https://exchange.xforce.ibmcloud.com/vulnerabilities/100657 • CWE-352: Cross-Site Request Forgery (CSRF) •