Vulnerabilities > Cisco > Unity Connection > 11.0.0.98000.225
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-07 | CVE-2017-6779 | Resource Exhaustion vulnerability in Cisco products Multiple Cisco products are affected by a vulnerability in local file management for certain system log files of Cisco collaboration products that could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition. | 7.8 |
| 2016-04-21 | CVE-2015-6360 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products The encryption-processing feature in Cisco libSRTP before 1.5.3 allows remote attackers to cause a denial of service via crafted fields in SRTP packets, aka Bug ID CSCux00686. | 7.5 |
| 2016-04-12 | CVE-2016-1377 | Cross-site Scripting vulnerability in Cisco Unity Connection Cross-site scripting (XSS) vulnerability in Cisco Unity Connection through 11.0 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCus21776. | 4.3 |
| 2015-05-07 | CVE-2015-0716 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Unity Connection 11.0(0.98000.225)/11.0(0.98000.332) Cross-site request forgery (CSRF) vulnerability in the CUCReports page in Cisco Unity Connection 11.0(0.98000.225) and 11.0(0.98000.332) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCut33659. | 6.8 |
| 2015-05-07 | CVE-2015-0715 | SQL Injection vulnerability in Cisco Unity Connection 11.0(0.98000.225) SQL injection vulnerability in the administrative web interface in Cisco Unified Communications Manager 11.0(0.98000.225) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug IDs CSCut33447 and CSCut33608. | 6.5 |