Vulnerabilities > Cisco > Unified Communications Domain Manager > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-11-26 CVE-2019-15968 Cross-site Scripting vulnerability in Cisco products
A vulnerability in the web-based management interface of Cisco Unified Communications Domain Manager (Unified CDM) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system.
network
low complexity
cisco CWE-79
5.4
5.4
2018-08-15 CVE-2018-0386 Cross-site Scripting vulnerability in Cisco products
A vulnerability in Cisco Unified Communications Domain Manager Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack on an affected system.
network
low complexity
cisco CWE-79
6.1
6.1
2017-11-16 CVE-2017-12302 SQL Injection vulnerability in Cisco Unified Communications Domain Manager
A vulnerability in the Cisco Unified Communications Manager SQL database interface could allow an authenticated, remote attacker to impact the confidentiality of the system by executing arbitrary SQL queries, aka SQL Injection.
network
low complexity
cisco CWE-89
4.3
4.3
2017-06-13 CVE-2017-6670 Open Redirect vulnerability in Cisco Unified Communications Domain Manager 8.1(7)Er1
A vulnerability in the web-based GUI of Cisco Unified Communications Domain Manager could allow an unauthenticated, remote attacker to redirect a user to a malicious web page, aka an Open Redirect issue.
network
low complexity
cisco CWE-601
6.1
6.1
2017-06-13 CVE-2017-6668 SQL Injection vulnerability in Cisco Unified Communications Domain Manager 8.1(7)Er1
Vulnerabilities in the web-based GUI of Cisco Unified Communications Domain Manager (CUCDM) could allow an authenticated, remote attacker to impact the confidentiality of the system by executing arbitrary SQL queries, aka SQL Injection.
network
low complexity
cisco CWE-89
4.9
4.9
2016-03-03 CVE-2016-1354 Cross-site Scripting vulnerability in Cisco Unified Communications Domain Manager 8.0/8.0.1/8.0.2
Cross-site scripting (XSS) vulnerability in Cisco Unified Communications Domain Manager (UCDM) 8.x before 8.1.1 allows remote attackers to inject arbitrary web script or HTML via crafted markup data, aka Bug ID CSCud41176.
network
low complexity
cisco CWE-79
6.1
6.1