Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Unified_communications_manager
(Cisco)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 234 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2014-07-14 | CVE-2014-3317 | Directory traversal vulnerability in the Multiple Analyzer in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager 10.0(1) allows remote authenticated users to delete arbitrary files via a crafted URL, aka Bug ID CSCup76314. | Unified_communications_manager | N/A | ||
2014-07-10 | CVE-2014-3316 | The Multiple Analyzer in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager allows remote authenticated users to bypass intended upload restrictions via a crafted parameter, aka Bug ID CSCup76297. | Unified_communications_manager | N/A | ||
2014-07-10 | CVE-2014-3315 | Cross-site scripting (XSS) vulnerability in viewfilecontents.do in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCup76308. | Unified_communications_manager | N/A | ||
2014-06-10 | CVE-2014-3292 | The Real Time Monitoring Tool (RTMT) implementation in Cisco Unified Communications Manager (Unified CM) allows remote authenticated users to (1) read or (2) delete arbitrary files via a crafted URL, aka Bug IDs CSCuo17302 and CSCuo17199. | Unified_communications_manager | N/A | ||
2014-06-10 | CVE-2014-3287 | SQL injection vulnerability in BulkViewFileContentsAction.java in the Java interface in Cisco Unified Communications Manager (Unified CM) allows remote authenticated users to execute arbitrary SQL commands via crafted filename parameters in a URL, aka Bug ID CSCuo17337. | Unified_communications_manager | N/A | ||
2014-04-29 | CVE-2014-2185 | The Call Detail Records (CDR) Management component in Cisco Unified Communications Manager (Unified CM) allows remote authenticated users to obtain sensitive information by reading extraneous fields in an HTML document, aka Bug ID CSCun74374. | Unified_communications_manager | N/A | ||
2014-04-29 | CVE-2014-2184 | The IP Manager Assistant (IPMA) component in Cisco Unified Communications Manager (Unified CM) allows remote attackers to obtain sensitive information via a crafted URL, aka Bug ID CSCun74352. | Unified_communications_manager | N/A | ||
2014-02-27 | CVE-2014-0747 | The Certificate Authority Proxy Function (CAPF) CLI implementation in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows local users to inject commands via unspecified CAPF programs, aka Bug ID CSCum95493. | Unified_communications_manager | N/A | ||
2014-02-27 | CVE-2014-0743 | The Certificate Authority Proxy Function (CAPF) component in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to bypass authentication and modify registered-device information via crafted data, aka Bug ID CSCum95468. | Unified_communications_manager | N/A | ||
2014-02-27 | CVE-2014-0742 | The Certificate Authority Proxy Function (CAPF) CLI implementation in the CSR management feature in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows local users to read or modify arbitrary files via unspecified vectors, aka Bug ID CSCum95464. | Unified_communications_manager | N/A |