The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Cisco Unified CM

Cisco Unified Communications Manager: SQL injection via Web-based Management Interface
An attacker can use a SQL injection via Web-based Management Interface of Cisco Unified Communications Manager, in order to read or alter data...
cisco-sa-20191120-cucm-sql, CSCvp49463, CVE-2019-15972, VIGILANCE-VUL-30925
Cisco Unified Communications Manager: privilege escalation via HTTP Methods
An attacker can bypass restrictions via HTTP Methods of Cisco Unified Communications Manager, in order to escalate his privileges...
CERTFR-2019-AVI-481, cisco-sa-20191002-ucm-secbypass, CSCvp14434, CVE-2019-15272, VIGILANCE-VUL-30519
Cisco Unified Communications Manager: external XML entity injection
An attacker can transmit malicious XML data to Cisco Unified Communications Manager, in order to read a file, scan sites, or trigger a denial of service...
CERTFR-2019-AVI-481, cisco-sa-20191002-cucm-xxe, CSCvp46079, CVE-2019-12711, VIGILANCE-VUL-30517
Cisco Unified Communications Manager: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Cisco Unified Communications Manager, in order to run JavaScript code in the context of the web site...
CERTFR-2019-AVI-481, cisco-sa-20191002-cucm-xss-12716, CSCvo42317, CVE-2019-12716, VIGILANCE-VUL-30516
Cisco Unified Communications Manager: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Cisco Unified Communications Manager, in order to run JavaScript code in the context of the web site...
CERTFR-2019-AVI-481, cisco-sa-20191002-cucm-xss-12715, CSCvo42294, CVE-2019-12715, VIGILANCE-VUL-30515
Cisco Unified Communications Manager: Cross Site Request Forgery
An attacker can trigger a Cross Site Request Forgery of Cisco Unified Communications Manager, in order to force the victim to perform operations...
CERTFR-2019-AVI-481, cisco-sa-20191002-cucm-csrf, CSCvo42306, CSCvo91541, CSCvo99233, CVE-2019-1915, VIGILANCE-VUL-30514
Cisco Unified Communications Manager: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Cisco Unified Communications Manager, in order to run JavaScript code in the context of the web site...
CERTFR-2019-AVI-481, cisco-sa-20191002-cuc-xss, CSCvp14284, CSCvq12061, CSCvq13816, CVE-2019-12707, VIGILANCE-VUL-30513
Cisco Unified Communications Manager: SQL injection
An attacker can use a SQL injection of Cisco Unified Communications Manager, in order to read or alter data...
CERTFR-2019-AVI-481, cisco-sa-20191002-cuc-inject, CSCvo42378, CVE-2019-12710, VIGILANCE-VUL-30512
Cisco Unified Communications Manager: denial of service via SIP
An attacker can trigger a fatal error via SIP of Cisco Unified Communications Manager, in order to trigger a denial of service...
CERTFR-2019-AVI-304, cisco-sa-20190703-cucm-dos, CSCvo70834, CVE-2019-1887, VIGILANCE-VUL-29686
Cisco Unified Communications Manager IM&P Service: denial of service via XMPP Authentication
An attacker can trigger a fatal error via XMPP Authentication of Cisco Unified Communications Manager IM&P Service, in order to trigger a denial of service...
CERTFR-2019-AVI-248, cisco-sa-20190605-cucm-imp-dos, CSCvn00361, CSCvp51956, CVE-2019-1845, VIGILANCE-VUL-29475
Our database contains other pages. You can request a free trial to read them.

Display information about Cisco Unified CM: