Vulnerabilities > Cisco > Unity Connection > 11.5.1.su3

DATE CVE VULNERABILITY TITLE RISK
2020-07-02 CVE-2020-3282 Cross-site Scripting vulnerability in Cisco products
A vulnerability in the web-based management interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.
network
cisco CWE-79
4.3
4.3
2020-01-26 CVE-2020-3129 Cross-site Scripting vulnerability in Cisco Unity Connection
A vulnerability in the web-based management interface of Cisco Unity Connection Software could allow an authenticated, remote attacker to perform a stored cross-site scripting (XSS) attack.
network
cisco CWE-79
3.5
3.5
2018-06-07 CVE-2017-6779 Resource Exhaustion vulnerability in Cisco products
Multiple Cisco products are affected by a vulnerability in local file management for certain system log files of Cisco collaboration products that could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition.
network
low complexity
cisco CWE-400
7.8
7.8