Cisco Unified_communications_manager_im_and_presence_service
8 CVEs affecting Cisco Unified_communications_manager_im_and_presence_service. Latest disclosed: 2017-11-16. Critical: 1, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-12337 | Critical | 9.8 | 2017-11-16 | A vulnerability in the upgrade mechanism of Cisco collaboration products based on the Cisco Voice Operating System software platform could allow an unauthentic… |
CVE-2016-6464 | High | 7.5 | 2016-12-14 | A vulnerability in the web management interface of the Cisco Unified Communications Manager IM and Presence Service could allow an unauthenticated, remote atta… |
CVE-2016-1466 | High | 7.5 | 2016-08-08 | Cisco Unified Communications Manager IM and Presence Service 9.1(1) SU6, 9.1(1) SU6a, 9.1(1) SU7, 10.5(2) SU2, 10.5(2) SU2a, 11.0(1) SU1, and 11.5(1) allows re… |
CVE-2015-6310 | | 2015-10-08 | The REST interface in Cisco Unified Communications Manager IM and Presence Service 11.5(1) allows remote attackers to cause a denial of service (SIP proxy serv… | |
CVE-2015-4294 | | 2015-08-01 | Cross-site scripting (XSS) vulnerability in Cisco IM and Presence Service before 10.5 MR1 allows remote attackers to inject arbitrary web script or HTML by con… | |
CVE-2015-4222 | | 2015-06-26 | SQL injection vulnerability in Cisco Unified Communications Manager IM and Presence Service 9.1(1) allows remote authenticated users to execute arbitrary SQL c… | |
CVE-2015-4221 | | 2015-06-26 | Cisco Unified Communications Manager IM and Presence Service 9.1(1) does not properly restrict access to encrypted passwords, which allows remote attackers to… | |
CVE-2014-8000 | | 2014-11-21 | Cisco Unified Communications Manager IM and Presence Service 9.1(1) produces different returned messages for URL requests depending on whether a username exist… |