VYPR

Unified Communications Manager Im And Presence Service

by Cisco Systems, Inc.

CVEs (39)

  • CVE-2017-12337CriNov 16, 2017
    risk 0.64cvss 9.8epss 0.06

    A vulnerability in the upgrade mechanism of Cisco collaboration products based on the Cisco Voice Operating System software platform could allow an unauthenticated, remote attacker to gain unauthorized, elevated access to an affected device. The vulnerability occurs when a…

  • CVE-2018-0409HigAug 15, 2018
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the XCP Router service of the Cisco Unified Communications Manager IM & Presence Service (CUCM IM&P) and the Cisco TelePresence Video Communication Server (VCS) and Expressway could allow an unauthenticated, remote attacker to cause a temporary service outage…

  • CVE-2016-6464HigDec 14, 2016
    risk 0.49cvss 7.5epss 0.03

    A vulnerability in the web management interface of the Cisco Unified Communications Manager IM and Presence Service could allow an unauthenticated, remote attacker to view information on web pages that should be restricted. More Information: CSCva49629. Known Affected Releases:…

  • CVE-2016-1466HigAug 8, 2016
    risk 0.49cvss 7.5epss 0.03

    Cisco Unified Communications Manager IM and Presence Service 9.1(1) SU6, 9.1(1) SU6a, 9.1(1) SU7, 10.5(2) SU2, 10.5(2) SU2a, 11.0(1) SU1, and 11.5(1) allows remote attackers to cause a denial of service (sipd process restart) via crafted headers in a SIP packet, aka Bug ID…

  • CVE-2018-0396MedJul 18, 2018
    risk 0.40cvss 6.1epss 0.02

    A vulnerability in the web framework of the Cisco Unified Communications Manager IM and Presence Service software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of an affected system. The…

  • CVE-2018-15403MedOct 5, 2018
    risk 0.35cvss 5.4epss 0.01

    A vulnerability in the web interface of Cisco Emergency Responder, Cisco Unified Communications Manager, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could allow an authenticated, remote attacker to redirect a user to a malicious web…

  • CVE-2016-1319MedFeb 9, 2016
    risk 0.35cvss 5.3epss 0.01

    Cisco Unified Communications Manager (aka CallManager) 9.1(2.10000.28), 10.5(2.10000.5), 10.5(2.12901.1), and 11.0(1.10000.10); Unified Communications Manager IM & Presence Service 10.5(2); Unified Contact Center Express 11.0(1); and Unity Connection 10.5(2) store a cleartext…

  • CVE-2026-20045KEVJan 21, 2026
    risk 0.12cvss epss 0.04

    A vulnerability in Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), Cisco Unity Connection, and Cisco Webex…

  • CVE-2019-1845Jun 5, 2019
    risk 0.01cvss epss 0.05

    A vulnerability in the authentication service of the Cisco Unified Communications Manager IM and Presence (Unified CM IM&P) Service, Cisco TelePresence Video Communication Server (VCS), and Cisco Expressway Series could allow an unauthenticated, remote attacker to cause a…

  • CVE-2025-20330Sep 3, 2025
    risk 0.00cvss epss 0.00

    A vulnerability in the web-based management interface of Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This…

  • CVE-2025-20278Jun 4, 2025
    risk 0.00cvss epss 0.00

    A vulnerability in the CLI of multiple Cisco Unified Communications products could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user. This vulnerability is due to improper validation…

  • CVE-2024-20457Nov 6, 2024
    risk 0.00cvss epss 0.00

    A vulnerability in the logging component of Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. This vulnerability is due to the…

  • CVE-2024-20310Apr 3, 2024
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based interface of Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against an authenticated user of the interface. This…

  • CVE-2024-20253Jan 26, 2024
    risk 0.00cvss epss 0.02

    A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to the improper processing of user-provided data that is…

  • CVE-2023-20259Oct 4, 2023
    risk 0.00cvss epss 0.01

    A vulnerability in an API endpoint of multiple Cisco Unified Communications Products could allow an unauthenticated, remote attacker to cause high CPU utilization, which could impact access to the web-based management interface and cause delays with call processing. This API is…

  • CVE-2023-20242Aug 16, 2023
    risk 0.00cvss epss 0.00

    A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified CM Session Management Edition (Unified CM SME), and Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an…

  • CVE-2023-20108Jun 28, 2023
    risk 0.00cvss epss 0.01

    A vulnerability in the XCP Authentication Service of the Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an unauthenticated, remote attacker to cause a temporary service outage for all Cisco Unified CM IM&P users who are…

  • CVE-2022-20859Jul 6, 2022
    risk 0.00cvss epss 0.01

    A vulnerability in the Disaster Recovery framework of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), and Cisco Unity Connection could allow an authenticated, remote attacker to perform…

  • CVE-2022-20815Jul 6, 2022
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified CM Session Management Edition (Unified CM SME), and Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an…

  • CVE-2022-20786Apr 21, 2022
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. This vulnerability is due to…

Page 1 of 2