Vulnerabilities > Cisco > Unified Communications Manager > 10.5.2.14076.1

DATE CVE VULNERABILITY TITLE RISK
2020-09-23 CVE-2020-3135 Cross-Site Request Forgery (CSRF) vulnerability in Cisco Unified Communications Manager
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (UCM) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected device.
network
low complexity
cisco CWE-352
8.8
2019-01-10 CVE-2018-0474 Insufficiently Protected Credentials vulnerability in Cisco Unified Communications Manager 10.5(2.14076.1)
A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an authenticated, remote attacker to view digest credentials in clear text.
network
low complexity
cisco CWE-522
8.8
2017-03-17 CVE-2017-3872 Cross-site Scripting vulnerability in Cisco Unified Communications Manager
A cross-site scripting (XSS) filter bypass vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct XSS attacks against a user of an affected device.
network
low complexity
cisco CWE-79
6.1
2017-02-22 CVE-2017-3821 Cross-site Scripting vulnerability in Cisco Unified Communications Manager 10.5(2.14076.1)
A vulnerability in the serviceability page of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct reflected cross-site scripting (XSS) attacks.
network
low complexity
cisco CWE-79
6.1