Vulnerabilities > Cisco
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2015-04-03 | CVE-2015-0613 | Data Processing Errors vulnerability in Cisco Unity Connection The Connection Conversation Manager (aka CuCsMgr) process in Cisco Unity Connection 8.5 before 8.5(1)SU7, 8.6 before 8.6(2a)SU4, 9.x before 9.1(2)SU2, and 10.0 before 10.0(1)SU1, when SIP trunk integration is enabled, allows remote attackers to cause a denial of service (core dump and restart) via crafted SIP INVITE messages, aka Bug ID CSCul20444. | 7.1 |
| 2015-04-03 | CVE-2015-0612 | Data Processing Errors vulnerability in Cisco products The Connection Conversation Manager (aka CuCsMgr) process in Cisco Unity Connection 8.5 before 8.5(1)SU6, 8.6 before 8.6(2a)SU4, and 9.x before 9.1(2)SU2, when SIP trunk integration is enabled, allows remote attackers to cause a denial of service (SIP outage) via a crafted UDP packet, aka Bug ID CSCuh25062. | 7.1 |
| 2015-04-03 | CVE-2015-0684 | SQL Injection vulnerability in Cisco Unified Communications Domain Manager 8.1(.4) SQL injection vulnerability in the Image Management component in Cisco Unified Communications Domain Manager 8.1(4) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuq52515. | 6.5 |
| 2015-04-03 | CVE-2015-0683 | Information Exposure vulnerability in Cisco Unified Communications Domain Manager 8.1(.4) Cisco Unified Communications Domain Manager 8.1(4) allows remote authenticated users to obtain sensitive information via a file-inclusion attack, aka Bug ID CSCup94744. | 4.0 |
| 2015-04-03 | CVE-2015-0682 | Permissions, Privileges, and Access Controls vulnerability in Cisco Unified Communications Domain Manager 8.1(.4) Cisco Unified Communications Domain Manager 8.1(4) allows remote authenticated users to execute arbitrary code by visiting a "deprecated page," aka Bug ID CSCup90168. | 6.5 |
| 2015-04-03 | CVE-2015-0666 | Path Traversal vulnerability in Cisco Prime Data Center Network Manager Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager (DCNM) before 7.1(1) allows remote attackers to read arbitrary files via a crafted pathname, aka Bug ID CSCus00241. | 7.8 |
| 2015-04-03 | CVE-2015-0687 | Resource Management Errors vulnerability in Cisco IOS 15.1(2)Sg4/15.1Sg The SNMP implementation in Cisco IOS 15.1(2)SG4 on Catalyst 4500 devices, when single-switch Virtual Switching System (VSS) is configured, allows remote authenticated users to cause a denial of service (device crash) by performing SNMP polling, aka Bug ID CSCuq04574. | 6.3 |
| 2015-04-03 | CVE-2015-0686 | Resource Management Errors vulnerability in Cisco Nx-Os 6.1(2)I2(3) The SNMP implementation in Cisco NX-OS 6.1(2)I2(3) on Nexus 9000 devices, when a Reset High Availability (HA) policy is configured, allows remote authenticated users to cause a denial of service (device reload) via unspecified vectors, aka Bug ID CSCuq92240. | 6.3 |
| 2015-04-03 | CVE-2015-0685 | Improper Input Validation vulnerability in Cisco IOS XE Cisco IOS XE before 3.7.5S on ASR 1000 devices does not properly handle route adjacencies, which allows remote attackers to cause a denial of service (device hang) via crafted IP packets, aka Bug ID CSCub31873. | 7.8 |
| 2015-03-28 | CVE-2015-0680 | Information Exposure vulnerability in Cisco Unified Callmanager 9.1(2.1000.28) Cisco Unified Call Manager (CM) 9.1(2.1000.28) does not properly restrict resource requests, which allows remote authenticated users to read arbitrary files via unspecified vectors, aka Bug ID CSCuq44439. | 4.0 |