Cisco Unified_communications_manager
132 CVEs affecting Cisco Unified_communications_manager. Latest disclosed: 2017-11-30. Critical: 1, High: 7.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-12337 | Critical | 9.8 | 2017-11-16 | A vulnerability in the upgrade mechanism of Cisco collaboration products based on the Cisco Voice Operating System software platform could allow an unauthentic… |
CVE-2017-6757 | High | 8.8 | 2017-08-07 | A vulnerability in Cisco Unified Communications Manager 10.5(2.10000.5), 11.0(1.10000.10), and 11.5(1.10000.6) could allow an authenticated, remote attacker to… |
CVE-2017-6791 | High | 7.5 | 2017-09-07 | A vulnerability in the Trust Verification Service (TVS) of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to cause a deni… |
CVE-2017-3808 | High | 7.5 | 2017-04-20 | A vulnerability in the Session Initiation Protocol (SIP) UDP throttling process of Cisco Unified Communications Manager (Cisco Unified CM) could allow an unaut… |
CVE-2016-9210 | High | 7.5 | 2016-12-14 | A vulnerability in the Cisco Unified Reporting upload tool accessed via the Cisco Unified Communications Manager could allow an unauthenticated, remote attacke… |
CVE-2016-6364 | High | 7.5 | 2016-08-23 | The User Data Services (UDS) API implementation in Cisco Unified Communications Manager 11.5 allows remote attackers to bypass intended access restrictions and… |
CVE-2015-6360 | High | 7.5 | 2016-04-21 | The encryption-processing feature in Cisco libSRTP before 1.5.3 allows remote attackers to cause a denial of service via crafted fields in SRTP packets, aka Bu… |
CVE-2013-7030 | High | 7.3 | 2013-12-12 | The TFTP service in Cisco Unified Communications Manager (aka CUCM or Unified CM) allows remote attackers to obtain sensitive information from a phone via an R… |
CVE-2017-6758 | Medium | 6.5 | 2017-08-07 | A vulnerability in the web framework of Cisco Unified Communications Manager 11.5(1.10000.6) could allow an authenticated, remote attacker to access arbitrary… |
CVE-2017-3877 | Medium | 6.5 | 2017-03-17 | A vulnerability in the web framework of Cisco Unified Communications Manager (CallManager) could allow an unauthenticated, remote attacker to conduct a cross-s… |
CVE-2016-6440 | Medium | 6.5 | 2016-10-27 | The Cisco Unified Communications Manager (CUCM) may be vulnerable to data that can be displayed inside an iframe within a web page, which in turn could lead to… |
CVE-2015-6433 | Medium | 6.5 | 2016-01-08 | SQL injection vulnerability in Cisco Unified Communications Manager 11.0(0.98000.225) allows remote authenticated users to execute arbitrary SQL commands via a… |
CVE-2017-12258 | Medium | 6.1 | 2017-10-05 | A vulnerability in the web-based UI of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to execute a cross-frame scripting… |
CVE-2017-6654 | Medium | 6.1 | 2017-05-22 | A vulnerability in the web-based management interface of Cisco Unified Communications Manager 10.5 through 11.5 could allow an unauthenticated, remote attacker… |
CVE-2017-3872 | Medium | 6.1 | 2017-03-17 | A cross-site scripting (XSS) filter bypass vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthent… |
CVE-2017-3833 | Medium | 6.1 | 2017-02-22 | A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting… |
CVE-2017-3829 | Medium | 6.1 | 2017-02-22 | A vulnerability in the web-based management interface of Cisco Unified Communications Manager Switches could allow an unauthenticated, remote attacker to condu… |
CVE-2017-3828 | Medium | 6.1 | 2017-02-22 | A vulnerability in the web-based management interface of Cisco Unified Communications Manager Switches could allow an unauthenticated, remote attacker to condu… |
CVE-2017-3821 | Medium | 6.1 | 2017-02-22 | A vulnerability in the serviceability page of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct reflected cross-s… |
CVE-2017-3802 | Medium | 6.1 | 2017-01-26 | A vulnerability in Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against… |