Cisco Unified Communications Manager Cisco Unity Connection vulnerabilities
5 known vulnerabilities affecting cisco/cisco_unified_communications_manager_cisco_unity_connection.
Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2020-3532MEDIUMCVSS 6.1vN/A2024-11-18
CVE-2020-3532 [MEDIUM] CWE-79 CVE-2020-3532: A vulnerability in the web-based management interface of Cisco Unified Communications Manager,
A vulnerability in the web-based management interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a use
cvelistv5nvd
CVE-2024-20253CRITICALCVSS 10.0v10.5(2)SU10v10.5(1)+43 more2024-01-26
CVE-2024-20253 [CRITICAL] CWE-502 CVE-2024-20253: A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could
A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to the improper processing of user-provided data that is being read into memory. An attacker could exploit this vulnerability by se
cvelistv5nvd
CVE-2023-20211HIGHCVSS 8.8v10.5(2)SU10v10.5(1)+43 more2023-08-16
CVE-2023-20211 [HIGH] CWE-89 CVE-2023-20211: A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unifi
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system.
This vulnerability is due to improper validation of user-sup
cvelistv5nvd
CVE-2023-20242MEDIUMCVSS 6.1v10.5(2)SU10v10.5(1)+43 more2023-08-16
CVE-2023-20242 [MEDIUM] CWE-79 CVE-2023-20242: A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unifi
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified CM Session Management Edition (Unified CM SME), and Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack agains
cvelistv5nvd
CVE-2023-20116MEDIUMCVSS 5.7v10.5(2)SU10v10.5(1)+43 more2023-06-28
CVE-2023-20116 [MEDIUM] CWE-835 CVE-2023-20116: A vulnerability in the Administrative XML Web Service (AXL) API of Cisco Unified Communications Mana
A vulnerability in the Administrative XML Web Service (AXL) API of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
This vulnerability is due to insuff
cvelistv5nvd