NotCVE - vendor:"Cisco" product:"Unified Communications Domain Manager"

Page 3 of 43 results (0.006 seconds)

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2014-8018

https://notcve.org/view.php?id=CVE-2014-8018

22 Dec 2014 — Multiple cross-site scripting (XSS) vulnerabilities in Business Voice Services Manager (BVSM) pages in the Application Software in Cisco Unified Communications Domain Manager 8 allow remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug IDs CSCur19651, CSCur18555, CSCur19630, and CSCur19661. Múltiples vulnerabilidades XSS en BetkQ Access Manager (NAM) 4.x anterior a 4.1 permite a atacantes remotos inyectar scripts o HTML arbitrario mediante (1) un parámetro arbitrario hacia roma... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-8018 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

CVE-2014-8010

https://notcve.org/view.php?id=CVE-2014-8010

10 Dec 2014 — The web framework in Cisco Unified Communications Domain Manager 8 allows remote authenticated administrators to execute arbitrary OS commands via crafted values, aka Bug ID CSCuq50205. El Framework web en Cisco Unified Communications Domain Manager 8 permite a administradores remotos autenticados ejecutar comandos OS arbitrarios a través de valores manipulados, también conocido como Bug ID CSCuq50205. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-8010 • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2014-3380

https://notcve.org/view.php?id=CVE-2014-3380

24 Sep 2014 — Cisco Unified Communications Domain Manager Platform Software 4.4(.3) and earlier allows remote attackers to cause a denial of service (CPU consumption) by sending crafted TCP packets quickly, aka Bug ID CSCuo42063. Cisco Unified Communications Domain Manager Platform Software 4.4(.3) y anteriores, permite a atacantes remotos provocar una denegación de servicio (consumo de CPU) mediante el envío rápido de paquetes TCP manipulados, también conocido como Bug ID CSCuo42063. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3380 • CWE-399: Resource Management Errors •

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0

CVE-2014-3339

https://notcve.org/view.php?id=CVE-2014-3339

12 Aug 2014 — Multiple SQL injection vulnerabilities in the administrative web interface in Cisco Unified Communications Manager (CM) and Cisco Unified Presence Server (CUPS) allow remote authenticated users to execute arbitrary SQL commands via crafted input to unspecified pages, aka Bug ID CSCup74290. Múltiples vulnerabilidades de inyección SQL en la interfaz del web de administración en Cisco Unified Communications Manager (CM) y Cisco Unified Presence Server (CUPS) permiten a usuarios remotos autenticados ejecutar co... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3339 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 6.8EPSS: 2%CPEs: 1EXPL: 0

CVE-2014-3337

https://notcve.org/view.php?id=CVE-2014-3337

12 Aug 2014 — The SIP implementation in Cisco Unified Communications Manager (CM) 8.6(.2) and earlier allows remote authenticated users to cause a denial of service (process crash) via a crafted SIP message that is not properly handled during processing of an XML document, aka Bug ID CSCtq76428. La implementación SIP en Cisco Unified Communications Manager (CM) 8.6(.2) y anteriores permite a usuarios remotos autenticados causar una denegación de servicio (caída del proceso) a través de un mensaje SIP manipulado que no se... • http://secunia.com/advisories/60088 • CWE-20: Improper Input Validation •

CVSS: 6.1EPSS: 0%CPEs: 5EXPL: 0

CVE-2014-3320

https://notcve.org/view.php?id=CVE-2014-3320

18 Jul 2014 — Multiple open redirect vulnerabilities in the admin web interface in the web framework in Cisco Unified Communications Domain Manager (CDM) 8.1(.4) and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via crafted URLs for unspecified scripts, aka Bug ID CSCuo48835. Múltiples vulnerabilidades de redirección abierta en la interfaz de web admin en el Framework web en Cisco Unified Communications Domain Manager (CDM) 8.1(.4) y anteriores permiten a atacantes r... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3320 •

CVSS: 7.5EPSS: 45%CPEs: 3EXPL: 2

CVE-2014-3300 – Viproy CUCDM IP Phone XML Services Speed Dial Attack Tool

https://notcve.org/view.php?id=CVE-2014-3300

07 Jul 2014 — The BVSMWeb portal in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software before 10 does not properly implement access control, which allows remote attackers to modify user information via a crafted URL, aka Bug ID CSCum77041. El portal BVSMWeb en el Framework web en Cisco Unified Communications Domain Manager (CDM) en Unified CDM Application Software anterior a 10 no implementa debidamente el control de acceso, lo que facilita a atacantes remotos modif... • https://packetstorm.news/files/id/180711 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0

CVE-2014-2197

https://notcve.org/view.php?id=CVE-2014-2197

07 Jul 2014 — The Administration GUI in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software before 8.1.4 does not properly implement access control, which allows remote authenticated users to modify administrative credentials via a crafted URL, aka Bug ID CSCun49862. La interfaz gráfica de usuario (GUI) Administration en el Framework web en Cisco Unified Communications Domain Manager (CDM) en Unified CDM Application Software anterior a 8.1.4 no implementa debidamente... • http://secunia.com/advisories/59573 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 10.0EPSS: 2%CPEs: 2EXPL: 0

CVE-2014-2198

https://notcve.org/view.php?id=CVE-2014-2198

07 Jul 2014 — Cisco Unified Communications Domain Manager (CDM) in Unified CDM Platform Software before 4.4.2 has a hardcoded SSH private key, which makes it easier for remote attackers to obtain access to the support and root accounts by extracting this key from a binary file found in a different installation of the product, aka Bug ID CSCud41130. Cisco Unified Communications Domain Manager (CDM) en Unified CDM Platform Software anterior a 4.4.2 tiene una clave privada SSH embebida, lo que facilita a atacantes remotos o... • http://secunia.com/advisories/59544 • CWE-255: Credentials Management Errors •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2014-3278

https://notcve.org/view.php?id=CVE-2014-3278

08 Jun 2014 — The web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) does not properly implement access control, which allows remote attackers to enumerate accounts by visiting an unspecified BVSMWeb web page, aka Bug IDs CSCun39619 and CSCun45572. El Framework web en VOSS en Cisco Unified Communications Domain Manager (CDM) no implementa debidamente control de acceso, lo que permite a atacantes remotos enumerar cuentas mediante la visita a una página web BVSMWeb no especificada, también conocido ... • http://secunia.com/advisories/58657 • CWE-264: Permissions, Privileges, and Access Controls •

1 2 3 4 5