Show filters
46 Total Results
Displaying 21-30 of 46
Sort by:
Attacker Value
Unknown

CVE-2014-0742

Disclosure Date: February 27, 2014 (last updated October 05, 2023)
The Certificate Authority Proxy Function (CAPF) CLI implementation in the CSR management feature in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows local users to read or modify arbitrary files via unspecified vectors, aka Bug ID CSCum95464.
0
0
Attacker Value
Unknown

CVE-2014-0741

Disclosure Date: February 27, 2014 (last updated October 05, 2023)
The certificate-import feature in the Certificate Authority Proxy Function (CAPF) CLI implementation in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows local users to read or modify arbitrary files via a crafted command, aka Bug ID CSCum95461.
0
0
Attacker Value
Unknown

CVE-2014-0731

Disclosure Date: February 22, 2014 (last updated October 05, 2023)
The administration interface in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to bypass authentication and read Java class files via a direct request, aka Bug ID CSCum46497.
0
0
Attacker Value
Unknown

CVE-2014-0733

Disclosure Date: February 20, 2014 (last updated October 05, 2023)
The Enterprise License Manager (ELM) component in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier does not properly enforce authentication requirements, which allows remote attackers to read ELM files via a direct request to a URL, aka Bug ID CSCum46494.
0
0
Attacker Value
Unknown

CVE-2014-0736

Disclosure Date: February 20, 2014 (last updated October 05, 2023)
Cross-site request forgery (CSRF) vulnerability in the Call Detail Records Analysis and Reporting (CAR) page in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to hijack the authentication of arbitrary users for requests that make CAR modifications, aka Bug ID CSCum46468.
0
0
Attacker Value
Unknown

CVE-2014-0734

Disclosure Date: February 20, 2014 (last updated October 05, 2023)
SQL injection vulnerability in the Certificate Authority Proxy Function (CAPF) implementation in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCum46483.
0
0
Attacker Value
Unknown

CVE-2014-0735

Disclosure Date: February 20, 2014 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in the IP Manager Assistant (IPMA) interface in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCum46470.
0
0
Attacker Value
Unknown

CVE-2014-0732

Disclosure Date: February 20, 2014 (last updated October 05, 2023)
The Real Time Monitoring Tool (RTMT) web application in Cisco Unified Communications Manager (Unified CM) 10.0(1) and earlier does not properly enforce authentication requirements, which allows remote attackers to read application files via a direct request to a URL, aka Bug ID CSCum46495.
0
0
Attacker Value
Unknown

CVE-2014-0657

Disclosure Date: January 08, 2014 (last updated October 05, 2023)
The administration portal in Cisco Unified Communications Manager (Unified CM) 9.1(1) and earlier does not properly handle role restrictions, which allows remote authenticated users to bypass role-based access control via multiple visits to a forbidden portal URL, aka Bug ID CSCuj83540.
0
0
Attacker Value
Unknown

CVE-2013-6978

Disclosure Date: December 21, 2013 (last updated October 05, 2023)
The disaster recovery system (DRS) component in Cisco Unified Communications Manager (UCM) 9.1(1) and earlier allows remote authenticated users to obtain sensitive device information by reading "extraneous information" in HTML source code, aka Bug ID CSCuj39249.
0
0
View More Topics  < Previous  Next >