The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Cisco CUCM

Cisco Unified Communications Manager: SQL injection via Web-based Management Interface
An attacker can use a SQL injection via Web-based Management Interface of Cisco Unified Communications Manager, in order to read or alter data...
cisco-sa-20191120-cucm-sql, CSCvp49463, CVE-2019-15972, VIGILANCE-VUL-30925
Cisco Unified Communications Manager: privilege escalation via HTTP Methods
An attacker can bypass restrictions via HTTP Methods of Cisco Unified Communications Manager, in order to escalate his privileges...
CERTFR-2019-AVI-481, cisco-sa-20191002-ucm-secbypass, CSCvp14434, CVE-2019-15272, VIGILANCE-VUL-30519
Cisco Unified Communications Manager: external XML entity injection
An attacker can transmit malicious XML data to Cisco Unified Communications Manager, in order to read a file, scan sites, or trigger a denial of service...
CERTFR-2019-AVI-481, cisco-sa-20191002-cucm-xxe, CSCvp46079, CVE-2019-12711, VIGILANCE-VUL-30517
Cisco Unified Communications Manager: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Cisco Unified Communications Manager, in order to run JavaScript code in the context of the web site...
CERTFR-2019-AVI-481, cisco-sa-20191002-cucm-xss-12716, CSCvo42317, CVE-2019-12716, VIGILANCE-VUL-30516
Cisco Unified Communications Manager: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Cisco Unified Communications Manager, in order to run JavaScript code in the context of the web site...
CERTFR-2019-AVI-481, cisco-sa-20191002-cucm-xss-12715, CSCvo42294, CVE-2019-12715, VIGILANCE-VUL-30515
Cisco Unified Communications Manager: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of Cisco Unified Communications Manager, in order to force the victim to perform operations...
CERTFR-2019-AVI-481, cisco-sa-20191002-cucm-csrf, CSCvo42306, CSCvo91541, CSCvo99233, CVE-2019-1915, VIGILANCE-VUL-30514
Cisco Unified Communications Manager: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Cisco Unified Communications Manager, in order to run JavaScript code in the context of the web site...
CERTFR-2019-AVI-481, cisco-sa-20191002-cuc-xss, CSCvp14284, CSCvq12061, CSCvq13816, CVE-2019-12707, VIGILANCE-VUL-30513
Cisco Unified Communications Manager: SQL injection
An attacker can use a SQL injection of Cisco Unified Communications Manager, in order to read or alter data...
CERTFR-2019-AVI-481, cisco-sa-20191002-cuc-inject, CSCvo42378, CVE-2019-12710, VIGILANCE-VUL-30512
Cisco Unified Communications Manager: denial of service via SIP
An attacker can trigger a fatal error via SIP of Cisco Unified Communications Manager, in order to trigger a denial of service...
CERTFR-2019-AVI-304, cisco-sa-20190703-cucm-dos, CSCvo70834, CVE-2019-1887, VIGILANCE-VUL-29686
Cisco Unified Communications Manager: denial of service via UDS API
An attacker can trigger a fatal error via UDS API of Cisco Unified Communications Manager, in order to trigger a denial of service...
cisco-sa-20190417-ucm-dos, CSCvo08315, CVE-2019-1837, VIGILANCE-VUL-29086
Our database contains other pages. You can request a free trial to read them.

Display information about Cisco CUCM: