The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Cisco Unified CM

Cisco Unified Communications Manager IM&P Service: denial of service via XMPP Authentication
An attacker can trigger a fatal error via XMPP Authentication of Cisco Unified Communications Manager IM&P Service, in order to trigger a denial of service...
CERTFR-2019-AVI-248, cisco-sa-20190605-cucm-imp-dos, CSCvn00361, CSCvp51956, CVE-2019-1845, VIGILANCE-VUL-29475
Cisco Unified Communications Manager: denial of service via UDS API
An attacker can trigger a fatal error via UDS API of Cisco Unified Communications Manager, in order to trigger a denial of service...
cisco-sa-20190417-ucm-dos, CSCvo08315, CVE-2019-1837, VIGILANCE-VUL-29086
Cisco Unified Communications Manager: information disclosure via Digest Credentials
An attacker can bypass access restrictions to data via Digest Credentials of Cisco Unified Communications Manager, in order to obtain sensitive information...
cisco-sa-20190109-cucm-creds-disclosr, CSCvc21606, CVE-2018-0474, VIGILANCE-VUL-28202
Cisco Unified Communications Manager: open redirect
An attacker can deceive the user of Cisco Unified Communications Manager, in order to redirect him to a malicious site...
CERTFR-2018-AVI-468, cisco-sa-20181003-er-ucm-redirect, CSCvj48070, CSCvj56757, CSCvj56760, CSCvj59218, CVE-2018-15403, VIGILANCE-VUL-27401
Apache Struts: code execution via Namespace Special Configuration
An attacker can use a vulnerability via Namespace Special Configuration of Apache Struts, in order to run code...
525207, 526176, CERTFR-2018-ALE-010, CERTFR-2018-AVI-405, cisco-sa-20180823-apache-struts, cpujan2019, CVE-2018-11776, DSA-2018-196, S2-057, VIGILANCE-VUL-27058
Linux kernel: denial of service via FragmentSmack
An attacker can generate a fatal error via FragmentSmack of the Linux kernel, in order to trigger a denial of service...
ADV180022, CERTFR-2018-AVI-390, CERTFR-2018-AVI-392, CERTFR-2018-AVI-419, CERTFR-2018-AVI-457, CERTFR-2018-AVI-478, CERTFR-2018-AVI-533, CERTFR-2019-AVI-233, CERTFR-2019-AVI-242, CERTFR-2020-AVI-207, cisco-sa-20180824-linux-ip-fragment, CVE-2018-5391, DLA-1466-1, DLA-1529-1, DSA-2019-062, DSA-4272-1, FragmentSmack, JSA10917, K74374841, openSUSE-SU-2018:2404-1, openSUSE-SU-2018:2407-1, openSUSE-SU-2019:0274-1, PAN-SA-2018-0012, RHSA-2018:2785-01, RHSA-2018:2791-01, RHSA-2018:2846-01, RHSA-2018:2924-01, RHSA-2018:2925-01, RHSA-2018:2933-01, RHSA-2018:2948-01, RHSA-2018:3083-01, RHSA-2018:3096-01, RHSA-2018:3459-01, RHSA-2018:3540-01, RHSA-2018:3586-01, RHSA-2018:3590-01, sk134253, SSA-377115, SUSE-SU-2018:2344-1, SUSE-SU-2018:2374-1, SUSE-SU-2018:2380-1, SUSE-SU-2018:2381-1, SUSE-SU-2018:2596-1, SUSE-SU-2019:0541-1, SUSE-SU-2019:1289-1, SYMSA1467, Synology-SA-18:44, USN-3740-1, USN-3740-2, USN-3741-1, USN-3741-2, USN-3741-3, USN-3742-1, USN-3742-2, USN-3742-3, VIGILANCE-VUL-27009, VU#641765
Cisco CUCM IM&P: denial of service via XCP Router Service
An attacker can generate a fatal error via XCP Router Service of Cisco CUCM IM&P, in order to trigger a denial of service...
CERTFR-2018-AVI-393, cisco-sa-20180815-ucmimps-dos, CSCvg97663, CSCvi55947, CVE-2018-0409, VIGILANCE-VUL-26994
Cisco Unified Communications Manager: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Cisco Unified Communications Manager, in order to run JavaScript code in the context of the web site...
cisco-sa-20180801-ucm-xss, CSCvk15343, CVE-2018-0411, VIGILANCE-VUL-26896
Cisco Unified Communications Manager IM and Presence Service: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of Cisco Unified Communications Manager IM and Presence Service, in order to force the victim to perform operations...
CERTFR-2018-AVI-298, cisco-sa-20180620-ucmim-ps-csrf, CSCvi55878, CVE-2018-0363, VIGILANCE-VUL-26478
Cisco Unified Communications Manager: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Cisco Unified Communications Manager, in order to run JavaScript code in the context of the web site...
CERTFR-2018-AVI-270, cisco-sa-20180606-ucm-xss, CSCvj00512, CVE-2018-0340, VIGILANCE-VUL-26346
Our database contains other pages. You can request a free trial to read them.

Display information about Cisco Unified CM: