VYPR

Communications Unified Session Manager

by Oracle Corporation

CVEs (29)

  • CVE-2021-3712HigAug 24, 2021
    risk 0.41cvss 7.4epss 0.50

    ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is…

  • CVE-2020-1971MedDec 8, 2020
    risk 0.38cvss 5.9epss 0.07

    The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This…

  • CVE-2023-20211Aug 16, 2023
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to conduct SQL injection attacks on an…

  • CVE-2023-20116Jun 28, 2023
    risk 0.00cvss epss 0.01

    A vulnerability in the Administrative XML Web Service (AXL) API of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to cause a denial of service…

  • CVE-2023-20010Jan 19, 2023
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to conduct SQL injection attacks on an…

  • CVE-2022-20816Aug 10, 2022
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to delete arbitrary files from an…

  • CVE-2022-20862Jul 6, 2022
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to read arbitrary files on the underlying…

  • CVE-2022-20752Jul 6, 2022
    risk 0.00cvss epss 0.01

    A vulnerability in Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), and Cisco Unity Connection could allow an unauthenticated, remote attacker to perform a timing attack. This vulnerability is…

  • CVE-2022-20804Apr 21, 2022
    risk 0.00cvss epss 0.00

    A vulnerability in the Cisco Discovery Protocol of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, adjacent attacker to cause a kernel panic on an affected…

  • CVE-2022-20790Apr 21, 2022
    risk 0.00cvss epss 0.02

    A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to read arbitrary files from the…

  • CVE-2022-20789Apr 21, 2022
    risk 0.00cvss epss 0.01

    A vulnerability in the software upgrade process of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to write arbitrary files on the affected…

  • CVE-2021-34701Nov 4, 2021
    risk 0.00cvss epss 0.02

    A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), and…

  • CVE-2021-34773Nov 4, 2021
    risk 0.00cvss epss 0.00

    A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), and Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P)…

  • CVE-2021-1478May 6, 2021
    risk 0.00cvss epss 0.01

    A vulnerability in the Java Management Extensions (JMX) component of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to cause a denial of service…

  • CVE-2021-1406Apr 8, 2021
    risk 0.00cvss epss 0.01

    A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability is due…

  • CVE-2021-1399Apr 8, 2021
    risk 0.00cvss epss 0.01

    A vulnerability in the Self Care Portal of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to modify data on an affected system without proper…

  • CVE-2021-1362Apr 8, 2021
    risk 0.00cvss epss 0.03

    A vulnerability in the SOAP API endpoint of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, Cisco Unity Connection, and Cisco Prime License Manager could allow…

  • CVE-2021-1355Jan 20, 2021
    risk 0.00cvss epss 0.01

    Multiple vulnerabilities in Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an attacker to conduct path traversal attacks and SQL injection attacks on an affected system. One of the SQL injection vulnerabilities that affects…

  • CVE-2021-1357Jan 20, 2021
    risk 0.00cvss epss 0.01

    Multiple vulnerabilities in Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an attacker to conduct path traversal attacks and SQL injection attacks on an affected system. One of the SQL injection vulnerabilities that affects…

  • CVE-2021-1364Jan 20, 2021
    risk 0.00cvss epss 0.01

    Multiple vulnerabilities in Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an attacker to conduct path traversal attacks and SQL injection attacks on an affected system. One of the SQL injection vulnerabilities that affects…

Page 1 of 2