Vulnerabilities > Cisco > Emergency Responder > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-13 | CVE-2021-1226 | Information Exposure Through Log Files vulnerability in Cisco products A vulnerability in the audit logging component of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, Cisco Unity Connection, Cisco Emergency Responder, and Cisco Prime License Manager could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. | 6.5 |
| 2020-09-23 | CVE-2019-16025 | Cross-site Scripting vulnerability in Cisco Emergency Responder A vulnerability in the web framework of Cisco Emergency Responder could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. | 4.8 |
| 2018-10-05 | CVE-2018-15403 | Open Redirect vulnerability in Cisco products A vulnerability in the web interface of Cisco Emergency Responder, Cisco Unified Communications Manager, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could allow an authenticated, remote attacker to redirect a user to a malicious web page. | 5.4 |
| 2017-09-07 | CVE-2017-12227 | SQL Injection vulnerability in Cisco Emergency Responder A vulnerability in the SQL database interface for Cisco Emergency Responder could allow an authenticated, remote attacker to conduct a blind SQL injection attack. | 5.4 |
| 2016-12-14 | CVE-2016-9208 | Path Traversal vulnerability in Cisco Emergency Responder 11.5(2.10000.5) A vulnerability in the File Management Utility, the Download File form, and the Serviceability application of Cisco Emergency Responder could allow an authenticated, remote attacker to access files in arbitrary locations on the file system of an affected device. | 6.5 |