Vulnerabilities > Cisco > Unified Communications Manager > 11.5.1.12000.1

DATE CVE VULNERABILITY TITLE RISK
2022-07-06 CVE-2022-20800 Cross-site Scripting vulnerability in Cisco Unified Communications Manager
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), and Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.
network
low complexity
cisco CWE-79
6.1
6.1
2021-11-04 CVE-2021-34701 Path Traversal vulnerability in Cisco Unified Communications Manager
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), and Cisco Unity Connection could allow an authenticated, remote attacker to access sensitive data on an affected device.
network
low complexity
cisco CWE-22
4.3
4.3
2021-04-08 CVE-2021-1409 Cross-site Scripting vulnerability in Cisco products
Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), and Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against an interface user.
network
low complexity
cisco CWE-79
6.1
6.1
2021-04-08 CVE-2021-1408 Cross-site Scripting vulnerability in Cisco Unified Communications Manager
Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), and Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against an interface user.
network
low complexity
cisco CWE-79
6.1
6.1
2021-04-08 CVE-2021-1407 Cross-site Scripting vulnerability in Cisco Unified Communications Manager
Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), and Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against an interface user.
network
low complexity
cisco CWE-79
6.1
6.1
2021-04-08 CVE-2021-1380 Cross-site Scripting vulnerability in Cisco products
Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), and Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against an interface user.
network
low complexity
cisco CWE-79
6.1
6.1
2017-04-20 CVE-2017-3808 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Unified Communications Manager
A vulnerability in the Session Initiation Protocol (SIP) UDP throttling process of Cisco Unified Communications Manager (Cisco Unified CM) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
network
low complexity
cisco CWE-119
7.5
7.5
2017-01-26 CVE-2017-3798 Cross-site Scripting vulnerability in Cisco Unified Communications Manager 11.5(1.12000.1)
A cross-site scripting (XSS) filter bypass vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to mount XSS attacks against a user of an affected device.
network
low complexity
cisco CWE-79
6.1
6.1