Vulnerabilities > Cisco > Unified Communications Manager > 9.1.1a

DATE CVE VULNERABILITY TITLE RISK
2013-07-18 CVE-2013-3434 Local Privilege Escalation vulnerability in Cisco Unified Communications Manager
Untrusted search path vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allows local users to gain privileges by leveraging unspecified file-permission and environment-variable issues for privileged programs, aka Bug ID CSCui02242.
local
low complexity
cisco
6.8
6.8
2013-07-18 CVE-2013-3433 Local Privilege Escalation vulnerability in Cisco Unified Communications Manager
Untrusted search path vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allows local users to gain privileges by leveraging unspecified file-permission and environment-variable issues for privileged programs, aka Bug ID CSCui02276.
local
low complexity
cisco
6.8
6.8
2013-07-18 CVE-2013-3404 SQL Injection vulnerability in Cisco Unified Communications Manager
SQL injection vulnerability in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allows remote attackers to execute arbitrary SQL commands via unspecified vectors, leading to discovery of encrypted credentials by leveraging metadata, aka Bug ID CSCuh01051.
network
low complexity
cisco CWE-89
7.5
7.5
2013-07-18 CVE-2013-3403 Unspecified vulnerability in Cisco Unified Communications Manager
Multiple untrusted search path vulnerabilities in Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(1a) allow local users to gain privileges by leveraging unspecified file-permission and environment-variable issues for privileged programs, aka Bug ID CSCuh73454.
local
low complexity
cisco
6.8
6.8