VYPR

Unified Communications Manager

by Cisco Systems, Inc.

CVEs (248)

  • CVE-2018-0206MedFeb 22, 2018
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The…

  • CVE-2018-0118MedJan 11, 2018
    risk 0.40cvss 6.1epss 0.02

    A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to perform a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The…

  • CVE-2017-12258MedOct 5, 2017
    risk 0.40cvss 6.1epss 0.02

    A vulnerability in the web-based UI of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to execute a cross-frame scripting (XFS) attack. The vulnerability exists because the affected software does not provide sufficient protections for HTML…

  • CVE-2017-6654MedMay 22, 2017
    risk 0.40cvss 6.1epss 0.02

    A vulnerability in the web-based management interface of Cisco Unified Communications Manager 10.5 through 11.5 could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected…

  • CVE-2017-3872MedMar 17, 2017
    risk 0.40cvss 6.1epss 0.01

    A cross-site scripting (XSS) filter bypass vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct XSS attacks against a user of an affected device. More Information: CSCvc21620. Known…

  • CVE-2017-3833MedFeb 22, 2017
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of the affected software. More Information: CSCvb95951. Known Affected…

  • CVE-2017-3829MedFeb 22, 2017
    risk 0.40cvss 6.1epss 0.02

    A vulnerability in the web-based management interface of Cisco Unified Communications Manager Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. More…

  • CVE-2017-3828MedFeb 22, 2017
    risk 0.40cvss 6.1epss 0.02

    A vulnerability in the web-based management interface of Cisco Unified Communications Manager Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. More…

  • CVE-2017-3821MedFeb 22, 2017
    risk 0.40cvss 6.1epss 0.02

    A vulnerability in the serviceability page of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct reflected cross-site scripting (XSS) attacks. More Information: CSCvc49348. Known Affected Releases: 10.5(2.14076.1). Known Fixed…

  • CVE-2017-3802MedJan 26, 2017
    risk 0.40cvss 6.1epss 0.01

    A vulnerability in Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. More Information: CSCvc20679. Known Affected Releases:…

  • CVE-2017-3798MedJan 26, 2017
    risk 0.40cvss 6.1epss 0.01

    A cross-site scripting (XSS) filter bypass vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to mount XSS attacks against a user of an affected device. More Information: CSCvb97237. Known…

  • CVE-2016-9206MedDec 14, 2016
    risk 0.40cvss 6.1epss 0.02

    A vulnerability in the ccmadmin page of Cisco Unified Communications Manager (CUCM) could allow an unauthenticated, remote attacker to conduct reflected cross-site scripting (XSS) attacks. More Information: CSCvb64641. Known Affected Releases: 11.5(1.10000.6) 11.5(1.11007.2).…

  • CVE-2016-6472MedNov 19, 2016
    risk 0.40cvss 6.1epss 0.02

    A vulnerability in several parameters of the ccmivr page of Cisco Unified Communication Manager (CallManager) could allow an unauthenticated, remote attacker to launch a cross-site scripting (XSS) attack against a user of the web interface on the affected system. More…

  • CVE-2018-15403MedOct 5, 2018
    risk 0.35cvss 5.4epss 0.01

    A vulnerability in the web interface of Cisco Emergency Responder, Cisco Unified Communications Manager, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could allow an authenticated, remote attacker to redirect a user to a malicious web…

  • CVE-2018-0340MedJun 7, 2018
    risk 0.35cvss 5.4epss 0.01

    A vulnerability in the web framework of the Cisco Unified Communications Manager (Unified CM) software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of the affected system. The vulnerability is…

  • CVE-2018-0198MedMar 27, 2018
    risk 0.35cvss 5.3epss 0.02

    A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to view sensitive data. The vulnerability is due to insufficient protection of database tables. An attacker could exploit this vulnerability by browsing…

  • CVE-2018-0105MedJan 18, 2018
    risk 0.35cvss 5.3epss 0.02

    A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to view sensitive data. The vulnerability is due to insufficient protection of database tables. An attacker could exploit this vulnerability by browsing…

  • CVE-2017-12357MedNov 30, 2017
    risk 0.35cvss 5.4epss 0.01

    A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The…

  • CVE-2017-3888MedApr 7, 2017
    risk 0.35cvss 5.4epss 0.01

    A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an authenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. This…

  • CVE-2017-3874MedMar 17, 2017
    risk 0.35cvss 5.4epss 0.01

    A vulnerability in the web framework of Cisco Unified Communications Manager (CallManager) could allow an authenticated, remote attacker to perform a cross-site scripting (XSS) attack. More Information: CSCvb70033. Known Affected Releases: 11.5(1.11007.2). Known Fixed Releases:…

Page 2 of 13