Vulnerabilities > Cisco > Unified Communications Manager > 5.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-08-27 | CVE-2009-2050 | Unspecified vulnerability in Cisco Unified Communications Manager Cisco Unified Communications Manager (aka CUCM, formerly CallManager) before 6.1(1) allows remote attackers to cause a denial of service (voice-services outage) via a malformed header in a SIP message, aka Bug ID CSCsi46466. | 7.8 |
| 2009-01-22 | CVE-2009-0057 | Improper Input Validation vulnerability in Cisco Unified Communications Manager The Certificate Authority Proxy Function (CAPF) service in Cisco Unified Communications Manager 5.x before 5.1(3e) and 6.x before 6.1(3) allows remote attackers to cause a denial of service (voice service outage) by sending malformed input over a TCP session in which the "client terminates prematurely." | 4.3 |
| 2008-09-26 | CVE-2008-3801 | Unspecified vulnerability in Cisco products Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsm46064, a different vulnerability than CVE-2008-3800 and CVE-2008-3802. network cisco | 7.1 |
| 2008-09-26 | CVE-2008-3800 | Unspecified vulnerability in Cisco products Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsu38644, a different vulnerability than CVE-2008-3801 and CVE-2008-3802. network cisco | 7.1 |
| 2008-06-26 | CVE-2008-2730 | Improper Authentication vulnerability in Cisco Unified Communications Manager 5.1/6.1 The Real-Time Information Server (RIS) Data Collector service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3) and 6.x before 6.1(1) allows remote attackers to bypass authentication, and obtain cluster configuration information and statistics, via a direct TCP connection to the service port, aka Bug ID CSCsj90843. | 5.0 |
| 2008-06-26 | CVE-2008-2062 | Permissions, Privileges, and Access Controls vulnerability in Cisco Unified Communications Manager The Real-Time Information Server (RIS) Data Collector service in Cisco Unified Communications Manager (CUCM) before 4.2(3)SR4, and 4.3 before 4.3(2)SR1, allows remote attackers to bypass authentication, and obtain cluster configuration information and statistics, via a direct TCP connection to the service port, aka Bug ID CSCsq35151. | 5.0 |
| 2008-06-26 | CVE-2008-2061 | Improper Input Validation vulnerability in Cisco Unified Communications Manager The Computer Telephony Integration (CTI) Manager service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3c) and 6.x before 6.1(2) allows remote attackers to cause a denial of service (TSP crash) via malformed network traffic to TCP port 2748. | 7.8 |
| 2008-05-16 | CVE-2008-1748 | Improper Input Validation vulnerability in Cisco Unified Communications Manager Cisco Unified Communications Manager 4.1 before 4.1(3)SR7, 4.2 before 4.2(3)SR4, 4.3 before 4.3(2), 5.x before 5.1(3), and 6.x before 6.1(1) does not properly validate SIP URLs, which allows remote attackers to cause a denial of service (service interruption) via a SIP INVITE message, aka Bug ID CSCsl22355. | 7.8 |
| 2008-05-16 | CVE-2008-1747 | Improper Input Validation vulnerability in Cisco Unified Communications Manager Unspecified vulnerability in Cisco Unified Communications Manager 4.1 before 4.1(3)SR6, 4.2 before 4.2(3)SR3, 4.3 before 4.3(2), 5.x before 5.1(3), and 6.x before 6.1(1) allows remote attackers to cause a denial of service (CCM service restart) via an unspecified SIP INVITE message, aka Bug ID CSCsk46944. | 7.8 |
| 2008-05-16 | CVE-2008-1746 | Improper Input Validation vulnerability in Cisco Unified Communications Manager The SNMP Trap Agent service in Cisco Unified Communications Manager (CUCM) 4.1 before 4.1(3)SR6, 4.2 before 4.2(3)SR3, 4.3 before 4.3(2), 5.x before 5.1(3), and 6.x before 6.1(1) allows remote attackers to cause a denial of service (core dump and service restart) via a series of malformed UDP packets, as demonstrated by the IP Stack Integrity Checker (ISIC), aka Bug ID CSCsj24113. | 7.8 |