CVSS: 9.8EPSS: 0%CPEs: 30EXPL: 0CVE-2009-0632
https://notcve.org/view.php?id=CVE-2009-0632
12 Mar 2009 — The IP Phone Personal Address Book (PAB) Synchronizer feature in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.1, 4.2 before 4.2(3)SR4b, 4.3 before 4.3(2)SR1b, 5.x before 5.1(3e), 6.x before 6.1(3), and 7.0 before 7.0(2) sends privileged directory-service account credentials to the client in cleartext, which allows remote attackers to modify the CUCM configuration and perform other privileged actions by intercepting these credentials, and then using them in requests unrelated to th... • http://osvdb.org/52589 • CWE-255: Credentials Management Errors •
CVSS: 7.5EPSS: 2%CPEs: 36EXPL: 0CVE-2009-0057
https://notcve.org/view.php?id=CVE-2009-0057
22 Jan 2009 — The Certificate Authority Proxy Function (CAPF) service in Cisco Unified Communications Manager 5.x before 5.1(3e) and 6.x before 6.1(3) allows remote attackers to cause a denial of service (voice service outage) by sending malformed input over a TCP session in which the "client terminates prematurely." El servicio Certificate Authority Proxy Function (CAPF) en Cisco Unified Communications Manager 5.x antes de 5.1(3e) y 6.x antes de 6.1(3) permite a atacantes remotos provocar una denegación de servicio (par... • http://secunia.com/advisories/33588 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 7%CPEs: 10EXPL: 0CVE-2008-3801
https://notcve.org/view.php?id=CVE-2008-3801
26 Sep 2008 — Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsm46064, a different vulnerability than CVE-2008-3800 and CVE-2008-3802. Vulnerabilidad no especificada en la implementación de la Session Initiation Protocol en Cisco IOS v12.2 a la v12... • http://secunia.com/advisories/31990 •
CVSS: 7.5EPSS: 7%CPEs: 10EXPL: 0CVE-2008-3800
https://notcve.org/view.php?id=CVE-2008-3800
26 Sep 2008 — Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsu38644, a different vulnerability than CVE-2008-3801 and CVE-2008-3802. Vulnerabilidad no especificada en la implementación de la Session Initiation Protocol en Cisco IOS v12.2 a la v12... • http://secunia.com/advisories/31990 •
CVSS: 7.8EPSS: 1%CPEs: 2EXPL: 0CVE-2008-2061
https://notcve.org/view.php?id=CVE-2008-2061
26 Jun 2008 — The Computer Telephony Integration (CTI) Manager service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3c) and 6.x before 6.1(2) allows remote attackers to cause a denial of service (TSP crash) via malformed network traffic to TCP port 2748. El Servicio Computer Telephony Integration (CTI) Manager de Cisco Unified Communications Manager (CUCM) 5.x versiones anteriores a la 5.1(3c) y 6.x versiones anteriores a la 6.1(2) permite a atacantes remotos provocar una denegación de servicio (caída TS... • http://secunia.com/advisories/30848 • CWE-20: Improper Input Validation •
CVSS: 5.3EPSS: 2%CPEs: 4EXPL: 0CVE-2008-2062
https://notcve.org/view.php?id=CVE-2008-2062
26 Jun 2008 — The Real-Time Information Server (RIS) Data Collector service in Cisco Unified Communications Manager (CUCM) before 4.2(3)SR4, and 4.3 before 4.3(2)SR1, allows remote attackers to bypass authentication, and obtain cluster configuration information and statistics, via a direct TCP connection to the service port, aka Bug ID CSCsq35151. El Servicio Real-Time Information Server (RIS) Data Collector de Cisco Unified Communications Manager (CUCM) versiones anteriores a la 4.2(3)SR4 y 4.3 versiones anterieos a la ... • http://secunia.com/advisories/30848 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.3EPSS: 1%CPEs: 2EXPL: 0CVE-2008-2730
https://notcve.org/view.php?id=CVE-2008-2730
26 Jun 2008 — The Real-Time Information Server (RIS) Data Collector service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3) and 6.x before 6.1(1) allows remote attackers to bypass authentication, and obtain cluster configuration information and statistics, via a direct TCP connection to the service port, aka Bug ID CSCsj90843. El Servicio Real -Time Information Server (RIS) Data Collector de Cisco Unified Communications Manager (CUCM) 5.x versiones anteriores a la 5.1(3) y 6.x versiones anteriores a la 6... • http://secunia.com/advisories/30848 • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 2%CPEs: 13EXPL: 0CVE-2008-1742
https://notcve.org/view.php?id=CVE-2008-1742
16 May 2008 — Memory leak in the Certificate Trust List (CTL) Provider service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3) allows remote attackers to cause a denial of service (memory consumption and service interruption) via a series of malformed TCP packets, as demonstrated by TCPFUZZ, aka Bug ID CSCsj80609. Fugas de memoria en el servicio Certificate Trust List (CTL) Provider de Cisco Unified Communications Manager (CUCM) 5.x versiones anteriores a 5.1(3) permite a atacantes remotos provocar una d... • http://secunia.com/advisories/30238 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 1%CPEs: 2EXPL: 0CVE-2008-1743
https://notcve.org/view.php?id=CVE-2008-1743
16 May 2008 — Memory leak in the Certificate Trust List (CTL) Provider service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3) and 6.x before 6.1(1) allows remote attackers to cause a denial of service (memory consumption and service interruption) via a series of malformed TCP packets, aka Bug ID CSCsi98433. Fugas de memoria en el servicio Certificate Trust List (CTL) Provider service de Cisco Unified Communications Manager (CUCM) 5.x versiones anteriores a 5.1(3) y 6.x versiones anteriores a 6.1(1) perm... • http://secunia.com/advisories/30238 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 2%CPEs: 20EXPL: 0CVE-2008-1744
https://notcve.org/view.php?id=CVE-2008-1744
16 May 2008 — The Certificate Authority Proxy Function (CAPF) service in Cisco Unified Communications Manager (CUCM) 4.1 before 4.1(3)SR7, 4.2 before 4.2(3)SR4, and 4.3 before 4.3(2) allows remote attackers to cause a denial of service (service crash) via malformed network traffic, aka Bug ID CSCsk46770. El servicio Certificate Authority Proxy Function (CAPF) service de Cisco Unified Communications Manager (CUCM) 4.1 versiones anteriores a 4.1(3)SR7, 4.2 versiones anteriores a 4.2(3)SR4, y 4.3 versiones anteriores a 4.3(... • http://secunia.com/advisories/30238 • CWE-20: Improper Input Validation •