VYPR

Unified Communications Manager

by Cisco Systems, Inc.

CVEs (248)

  • CVE-2006-5278Jul 15, 2007
    risk 0.01cvss epss 0.09

    Integer overflow in the Real-Time Information Server (RIS) Data Collector service (RisDC.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via crafted packets, resulting in a heap-based…

  • CVE-2006-5277Jul 15, 2007
    risk 0.01cvss epss 0.10

    Off-by-one error in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via a crafted packet that triggers a heap-based buffer…

  • CVE-2025-20326Sep 3, 2025
    risk 0.00cvss epss 0.00

    A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) Software and Cisco Unified CM Session Management Edition (SME) Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF)…

  • CVE-2025-20309Jul 2, 2025
    risk 0.00cvss epss 0.01

    A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to log in to an affected device using the root account, which has default,…

  • CVE-2025-20278Jun 4, 2025
    risk 0.00cvss epss 0.00

    A vulnerability in the CLI of multiple Cisco Unified Communications products could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user. This vulnerability is due to improper validation…

  • CVE-2020-3420Nov 18, 2024
    risk 0.00cvss epss 0.00

    A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS)…

  • CVE-2024-20511Nov 6, 2024
    risk 0.00cvss epss 0.00

    A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS)…

  • CVE-2024-20488Aug 21, 2024
    risk 0.00cvss epss 0.00

    A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS)…

  • CVE-2024-20375Aug 21, 2024
    risk 0.00cvss epss 0.01

    A vulnerability in the SIP call processing function of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to cause a denial of service (DoS)…

  • CVE-2024-20253Jan 26, 2024
    risk 0.00cvss epss 0.02

    A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to the improper processing of user-provided data that is…

  • CVE-2023-20259Oct 4, 2023
    risk 0.00cvss epss 0.01

    A vulnerability in an API endpoint of multiple Cisco Unified Communications Products could allow an unauthenticated, remote attacker to cause high CPU utilization, which could impact access to the web-based management interface and cause delays with call processing. This API is…

  • CVE-2023-20266Aug 30, 2023
    risk 0.00cvss epss 0.00

    A vulnerability in Cisco Emergency Responder, Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), and Cisco Unity Connection could allow an authenticated, remote attacker to elevate privileges to…

  • CVE-2023-20211Aug 16, 2023
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to conduct SQL injection attacks on an…

  • CVE-2023-20242Aug 16, 2023
    risk 0.00cvss epss 0.00

    A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified CM Session Management Edition (Unified CM SME), and Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an…

  • CVE-2023-20116Jun 28, 2023
    risk 0.00cvss epss 0.01

    A vulnerability in the Administrative XML Web Service (AXL) API of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to cause a denial of service…

  • CVE-2023-20010Jan 19, 2023
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to conduct SQL injection attacks on an…

  • CVE-2022-20816Aug 10, 2022
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to delete arbitrary files from an…

  • CVE-2022-20862Jul 6, 2022
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to read arbitrary files on the underlying…

  • CVE-2022-20859Jul 6, 2022
    risk 0.00cvss epss 0.01

    A vulnerability in the Disaster Recovery framework of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), and Cisco Unity Connection could allow an authenticated, remote attacker to perform…

  • CVE-2022-20815Jul 6, 2022
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified CM Session Management Edition (Unified CM SME), and Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an…

Page 4 of 13