The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Cisco CUCM

Cisco Unified Communications Manager: directory traversal via TAPS
An attacker can traverse directories via TAPS of Cisco Unified Communications Manager, in order to read a file outside the service root path...
CERTFR-2020-AVI-227, cisco-sa-cucm-taps-path-trav-pfsFO93r, CSCvq58268, CSCvt33058, CVE-2020-3177, VIGILANCE-VUL-32041
Cisco Unified Communications Manager: Cross Site Request Forgery via Web-based Management Interface
An attacker can trigger a Cross Site Request Forgery via Web-based Management Interface of Cisco Unified Communications Manager, in order to force the victim to perform operations...
CERTFR-2020-AVI-055, cisco-sa-ucm-csrf-NbhZTxL, CSCuy76946, CVE-2020-3135, VIGILANCE-VUL-31414
Cisco Unified Communications Manager: information disclosure via Web-based Management Interface
An attacker can bypass access restrictions to data via Web-based Management Interface of Cisco Unified Communications Manager, in order to obtain sensitive information...
CERTFR-2020-AVI-055, cisco-sa-20200122-cuc-info-disclosure, CSCvr00922, CVE-2019-15963, VIGILANCE-VUL-31399
Cisco Unified Communications Manager: SQL injection via Web-based Management Interface
An attacker can use a SQL injection via Web-based Management Interface of Cisco Unified Communications Manager, in order to read or alter data...
cisco-sa-20191120-cucm-sql, CSCvp49463, CVE-2019-15972, VIGILANCE-VUL-30925
Cisco Unified Communications Manager: privilege escalation via HTTP Methods
An attacker can bypass restrictions via HTTP Methods of Cisco Unified Communications Manager, in order to escalate his privileges...
CERTFR-2019-AVI-481, cisco-sa-20191002-ucm-secbypass, CSCvp14434, CVE-2019-15272, VIGILANCE-VUL-30519
Cisco Unified Communications Manager: external XML entity injection
An attacker can transmit malicious XML data to Cisco Unified Communications Manager, in order to read a file, scan sites, or trigger a denial of service...
CERTFR-2019-AVI-481, cisco-sa-20191002-cucm-xxe, CSCvp46079, CVE-2019-12711, VIGILANCE-VUL-30517
Cisco Unified Communications Manager: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Cisco Unified Communications Manager, in order to run JavaScript code in the context of the web site...
CERTFR-2019-AVI-481, cisco-sa-20191002-cucm-xss-12716, CSCvo42317, CVE-2019-12716, VIGILANCE-VUL-30516
Cisco Unified Communications Manager: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Cisco Unified Communications Manager, in order to run JavaScript code in the context of the web site...
CERTFR-2019-AVI-481, cisco-sa-20191002-cucm-xss-12715, CSCvo42294, CVE-2019-12715, VIGILANCE-VUL-30515
Cisco Unified Communications Manager: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of Cisco Unified Communications Manager, in order to force the victim to perform operations...
CERTFR-2019-AVI-481, cisco-sa-20191002-cucm-csrf, CSCvo42306, CSCvo91541, CSCvo99233, CVE-2019-1915, VIGILANCE-VUL-30514
Cisco Unified Communications Manager: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Cisco Unified Communications Manager, in order to run JavaScript code in the context of the web site...
CERTFR-2019-AVI-481, cisco-sa-20191002-cuc-xss, CSCvp14284, CSCvq12061, CSCvq13816, CVE-2019-12707, VIGILANCE-VUL-30513
Our database contains other pages. You can request a free trial to read them.

Display information about Cisco CUCM: