Vulnerabilities > Cisco > Unity Connection > 11.5.0.199

DATE CVE VULNERABILITY TITLE RISK
2018-06-07 CVE-2017-6779 Resource Exhaustion vulnerability in Cisco products
Multiple Cisco products are affected by a vulnerability in local file management for certain system log files of Cisco collaboration products that could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition.
network
low complexity
cisco CWE-400
7.8
7.8
2016-04-21 CVE-2015-6360 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products
The encryption-processing feature in Cisco libSRTP before 1.5.3 allows remote attackers to cause a denial of service via crafted fields in SRTP packets, aka Bug ID CSCux00686.
network
low complexity
cisco CWE-119
7.5
7.5
2016-02-06 CVE-2016-1310 Cross-site Scripting vulnerability in Cisco Unity Connection 11.5(0.199)
Cross-site scripting (XSS) vulnerability in Cisco Unity Connection 11.5(0.199) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuy09033.
network
cisco CWE-79
4.3
4.3