Filtered by vendor Cisco Subscriptions
Filtered by product Unified Communications Domain Manager Subscriptions
Total 41 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2014-8010 1 Cisco 1 Unified Communications Domain Manager 2024-11-21 N/A
The web framework in Cisco Unified Communications Domain Manager 8 allows remote authenticated administrators to execute arbitrary OS commands via crafted values, aka Bug ID CSCuq50205.
CVE-2014-3339 1 Cisco 2 Unified Communications Domain Manager, Unified Presence Server 2024-11-21 N/A
Multiple SQL injection vulnerabilities in the administrative web interface in Cisco Unified Communications Manager (CM) and Cisco Unified Presence Server (CUPS) allow remote authenticated users to execute arbitrary SQL commands via crafted input to unspecified pages, aka Bug ID CSCup74290.
CVE-2014-3337 1 Cisco 1 Unified Communications Domain Manager 2024-11-21 N/A
The SIP implementation in Cisco Unified Communications Manager (CM) 8.6(.2) and earlier allows remote authenticated users to cause a denial of service (process crash) via a crafted SIP message that is not properly handled during processing of an XML document, aka Bug ID CSCtq76428.
CVE-2014-3320 1 Cisco 1 Unified Communications Domain Manager 2024-11-21 N/A
Multiple open redirect vulnerabilities in the admin web interface in the web framework in Cisco Unified Communications Domain Manager (CDM) 8.1(.4) and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via crafted URLs for unspecified scripts, aka Bug ID CSCuo48835.
CVE-2014-3300 1 Cisco 2 Unified Cdm Application Software, Unified Communications Domain Manager 2024-11-21 N/A
The BVSMWeb portal in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software before 10 does not properly implement access control, which allows remote attackers to modify user information via a crafted URL, aka Bug ID CSCum77041.
CVE-2014-3283 1 Cisco 1 Unified Communications Domain Manager 2024-11-21 N/A
Open redirect vulnerability in Self-Care Client Portal applications in the web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) 9.0(.1) and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL, aka Bug ID CSCun79731.
CVE-2014-3282 1 Cisco 1 Unified Communications Domain Manager 2024-11-21 N/A
The Administration GUI in the web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) 9.0(.1) and earlier does not properly implement access control, which allows remote authenticated users to obtain sensitive number-translation information by leveraging Location Administrator privileges and entering a crafted URL, aka Bug ID CSCum76930.
CVE-2014-3281 1 Cisco 1 Unified Communications Domain Manager 2024-11-21 N/A
The web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) does not properly implement access control, which allows remote attackers to obtain potentially sensitive user information by visiting an unspecified BVSMWeb web page, aka Bug IDs CSCun46071 and CSCun46101.
CVE-2014-3280 1 Cisco 1 Unified Communications Domain Manager 2024-11-21 N/A
The web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) 9.0(.1) and earlier does not properly implement access control, which allows remote authenticated users to obtain potentially sensitive user information by visiting an unspecified Administration GUI web page, aka Bug IDs CSCun46045 and CSCun46116.
CVE-2014-3279 1 Cisco 1 Unified Communications Domain Manager 2024-11-21 N/A
The Administration GUI in the web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) 9.0(.1) and earlier does not properly implement access control, which allows remote attackers to enumerate account names via a crafted URL, aka Bug IDs CSCun39631 and CSCun39643.
CVE-2014-3278 1 Cisco 1 Unified Communications Domain Manager 2024-11-21 N/A
The web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) does not properly implement access control, which allows remote attackers to enumerate accounts by visiting an unspecified BVSMWeb web page, aka Bug IDs CSCun39619 and CSCun45572.
CVE-2014-3277 1 Cisco 1 Unified Communications Domain Manager 2024-11-21 N/A
The Administration GUI in the web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) 9.0(.1) and earlier does not properly implement access control, which allows remote authenticated users to obtain sensitive user and group information by leveraging Location Administrator privileges and entering a crafted URL, aka Bug ID CSCum77005.
CVE-2014-2198 1 Cisco 2 Unified Cdm Platform Software, Unified Communications Domain Manager 2024-11-21 N/A
Cisco Unified Communications Domain Manager (CDM) in Unified CDM Platform Software before 4.4.2 has a hardcoded SSH private key, which makes it easier for remote attackers to obtain access to the support and root accounts by extracting this key from a binary file found in a different installation of the product, aka Bug ID CSCud41130.
CVE-2014-2197 1 Cisco 2 Unified Cdm Application Software, Unified Communications Domain Manager 2024-11-21 N/A
The Administration GUI in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software before 8.1.4 does not properly implement access control, which allows remote authenticated users to modify administrative credentials via a crafted URL, aka Bug ID CSCun49862.
CVE-2014-2104 1 Cisco 1 Unified Communications Domain Manager 2024-11-21 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the Business Voice Services Manager (BVSM) page in Cisco Unified Communications Domain Manager 9.0(.1) allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug IDs CSCum78536, CSCum78526, CSCum69809, and CSCum63113.
CVE-2013-5517 1 Cisco 1 Unified Communications Domain Manager 2024-11-21 N/A
SQL injection vulnerability in the web framework in Cisco Unified Communications Domain Manager allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCuh96567.
CVE-2013-3418 1 Cisco 1 Unified Communications Domain Manager 2024-11-21 N/A
Cisco Unified Communications Domain Manager does not properly allocate memory for GET and POST requests, which allows remote authenticated users to cause a denial of service (memory consumption and process crash) via crafted requests to the management interface, aka Bug ID CSCud22922.
CVE-2013-1230 1 Cisco 1 Unified Communications Domain Manager 2024-11-21 N/A
Cisco Unified Communications Domain Manager allows remote attackers to cause a denial of service (CPU consumption) via a flood of malformed UDP packets, aka Bug ID CSCug47057.
CVE-2013-1227 1 Cisco 1 Unified Communications Domain Manager 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in the web framework in Cisco Unified Communications Domain Manager allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCug37902.
CVE-2013-1132 1 Cisco 1 Unified Communications Domain Manager 2024-11-21 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Communications Domain Manager allow remote attackers to inject arbitrary web script or HTML via vectors involving the (1) IptAccountMgmt, (2) IptFeatureConfigTemplateMgmt, (3) IptFeatureDisplayPolicyMgmt, or (4) IptProviderMgmt page, aka Bug IDs CSCud69972, CSCud70193, and CSCud70261.