Page 3 of 12 results (0.010 seconds)

CVSS: 7.8EPSS: 2%CPEs: 2EXPL: 0

The Presence Engine (PE) service in Cisco Unified Presence before 6.0(1) allows remote attackers to cause a denial of service (core dump and service interruption) via an unspecified "stress test," aka Bug ID CSCsh20972. El servicio Presence Engine (PE) de Cisco Unified Presence versiones anteriores a 6.0(1) permite a atacantes remotos provocar una denegación de servicio (core dump e interrupción del servicio) a través de "pruebas de estrés" sin especificar, también conocido como Bug ID CSCsh20972. • http://secunia.com/advisories/30240 http://securitytracker.com/id?1020023 http://www.cisco.com/en/US/products/products_security_advisory09186a0080995682.shtml http://www.securityfocus.com/bid/29220 http://www.vupen.com/english/advisories/2008/1534 https://exchange.xforce.ibmcloud.com/vulnerabilities/42412 • CWE-20: Improper Input Validation •

CVSS: 10.0EPSS: 11%CPEs: 8EXPL: 0

The Disaster Recovery Framework (DRF) master server in Cisco Unified Communications products, including Unified Communications Manager (CUCM) 5.x and 6.x, Unified Presence 1.x and 6.x, Emergency Responder 2.x, and Mobility Manager 2.x, does not require authentication for requests received from the network, which allows remote attackers to execute arbitrary code via unspecified vectors. El Disaster Recovery Framework (DRF) Master Server en productos Cisco Unified Communications, incluyendo Unified Communications Manager (CUCM) 5.x y 6.x, Unified Presence 1.x y 6.x, Emergency Responder 2.x, y Mobility Manager 2.x, no requiere autenticación para las peticiones recibidas desde la red, lo que permite a atacantes remotos ejecutar código arbitrario a través de vectores no especificados. • http://secunia.com/advisories/29670 http://securitytracker.com/id?1019768 http://www.cisco.com/en/US/products/products_security_advisory09186a008096fd9a.shtml http://www.securityfocus.com/bid/28591 http://www.vupen.com/english/advisories/2008/1093 https://exchange.xforce.ibmcloud.com/vulnerabilities/41632 • CWE-287: Improper Authentication •