Latest cisco unity connection Vulnerabilities

CVE-2024-20253
A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. This vul...
Cisco Unified Communications Manager<12.5\(1\)su8
Cisco Unified Communications Manager>=14.0<14su3
Cisco Unified Communications Manager<12.5\(1\)su8
Cisco Unified Communications Manager>=14.0<14su3
Cisco Unified Communications Manager IM and Presence Service<12.5\(1\)su8
Cisco Unified Communications Manager IM and Presence Service>=14.0<14.0su3
and 6 more
CVE-2024-20305
A vulnerability in the web-based management interface of Cisco Unity Connection could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the inter...
Cisco Unity Connection<15.0
CVE-2024-20272
A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to upload arbitrary files to an affected system and execute commands on ...
Cisco Unity Connection<12.5.1.19017-4
Cisco Unity Connection>=14.0<14.0.1.14006-5
CVE-2023-20259
A vulnerability in an API endpoint of multiple Cisco Unified Communications Products could allow an unauthenticated, remote attacker to cause high CPU utilization, which could impact access to the web...
Cisco Emergency Responder=14su3
Cisco Prime Collaboration Deployment=14su3
Cisco Unified Communications Manager=12.5\(1\)su7
Cisco Unified Communications Manager=12.5\(1\)su7
Cisco Unified Communications Manager=14su3
Cisco Unified Communications Manager=14su3
and 3 more
CVE-2023-20266
A vulnerability in Cisco Emergency Responder, Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), and Cisco Unity Conne...
Cisco Emergency Responder=12.5.1su4
Cisco Emergency Responder=12.5.1su8a
Cisco Emergency Responder=14su3
Cisco Unified Communications Manager=12.5.1su8
Cisco Unified Communications Manager=12.5.1su8
Cisco Unity Connection=12.5\(1\)su6
and 4 more
CVE-2022-20859
A vulnerability in the Disaster Recovery framework of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager IM &amp; Presence Service (Unified CM IM&amp;P), and Cisco...
Cisco Unified Communications Manager>=14.0<14su2
Cisco Unified Communications Manager IM and Presence Service>=14.0<14.0su2
Cisco Unity Connection>=14.0<14su2
CVE-2022-20752
A vulnerability in Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), and Cisco Unity Connection could allow an unauth...
Cisco Unified Communications Manager>=12.5\(1\)<12.5\(1\)su6
Cisco Unified Communications Manager>=12.5\(1\)<12.5\(1\)su6
Cisco Unified Communications Manager>=14.0<14su1
Cisco Unified Communications Manager>=14.0<14su1
Cisco Unity Connection>=12.5\(1\)<12.5\(1\)su6
Cisco Unity Connection>=14.0<14su1
CVE-2022-20800
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), Cisco Unif...
Cisco Unified Communications Manager>=11.5\(1\)<14su2
Cisco Unified Communications Manager>=11.5\(1\)<14su2
Cisco Unified Communications Manager IM and Presence Service>=11.5\(1\)<12.5\(1\)su5
Cisco Unity Connection>=11.5\(1\)<14su2
cisco-sa-cucm-xss-RgH7MpKA
Cisco Unified Communications Products Cross-Site Scripting Vulnerability
Cisco Unified CM>=11.5(1)=12.5(1)<=14<14SU2
Cisco Unified CM SME>=11.5(1)=12.5(1)<=14<14SU2
Cisco Unified CM IM&P>=11.5(1)<=12.5(1)<12.5(1)SU5
Cisco Unity Connection>=11.5(1)=12.5(1)<=14<14SU2
cisco-sa-ucm-access-dMKvV2DY
Cisco Unified Communications Products Access Control Vulnerability
Cisco Unified CM=14<14SU2
Cisco Unified CM IM&P=14<14SU2
Cisco Unity Connection=14<14SU2
CVE-2022-20788
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified CM Session Management Edition (Unified CM SME), and Cisco Unity Connection cou...
Cisco Unified Communications Manager>=11.5\(1\)<11.5\(1\)su11
Cisco Unified Communications Manager>=11.5\(1\)<11.5\(1\)su11
Cisco Unified Communications Manager>=12.5\(1\)<12.5\(1\)su6
Cisco Unified Communications Manager>=12.5\(1\)<12.5\(1\)su6
Cisco Unified Communications Manager>=14.0<14su1
Cisco Unified Communications Manager>=14.0<14su1
and 2 more
cisco-sa-cucm-xss-6MCe4kPF
Cisco Unified Communications Products Cross-Site Scripting Vulnerability
Cisco Unified CM=14<14SU1=12.5(1)<12.5(1)SU6=11.5(1)<11.5(1)SU11
Cisco Unified CM SME=14<14SU1=12.5(1)<12.5(1)SU6=11.5(1)<11.5(1)SU11
Cisco Unity Connection=14<14SU1=12.5(1)<12.5(1)SU6
CVE-2021-44228
Apache Log4j2 Remote Code Execution Vulnerability
debian/apache-log4j1.2
debian/apache-log4j2
debian/apache-log4j2<=2.13.3-1<=2.7-2<=2.11.1-2
Apple Xcode<13.3
Apache Log4j2
redhat/log4j<2.15.0
and 429 more
CVE-2021-34701
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), Cisco Unif...
Cisco Unified Communications Manager<14su1
Cisco Unified Communications Manager<14su1
Cisco Unified Communications Manager IM and Presence Service<14su1
Cisco Unity Connection<14su1
CVE-2021-1362
A vulnerability in the SOAP API endpoint of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM &amp; Presenc...
Cisco Prime License Manager>=10.5\(2\)<11.5\(1\)su9
Cisco Unified Communications Manager>=10.5\(2\)<11.5\(1\)su9
Cisco Unified Communications Manager>=10.5\(2\)<11.5\(1\)su9
Cisco Unified Communications Manager>=12.0\(1\)<12.5\(1\)su4
Cisco Unified Communications Manager>=12.0\(1\)<12.5\(1\)su4
Cisco Unified Communications Manager Im \& Presence Service>=10.5\(2\)<11.5\(1\)su9
and 3 more
CVE-2021-1380
Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager IM &amp; Presence Service (Unified CM IM&amp;P...
Cisco Unified Communications Manager<14
Cisco Unified Communications Manager<14
Cisco Unified Communications Manager Im \& Presence Service<14
Cisco Unity Connection<14.0
CVE-2021-1409
Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager IM &amp; Presence Service (Unified CM IM&amp;P...
Cisco Unified Communications Manager<14
Cisco Unified Communications Manager<14
Cisco Unified Communications Manager Im \& Presence Service<14
Cisco Unity Connection<14.0
CVE-2021-1226
A vulnerability in the audit logging component of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM &amp; P...
Cisco Emergency Responder>=12.5\(1\)<12.5\(1\)su3
Cisco Emergency Responder=10.5\(2\)
Cisco Emergency Responder=11.5\(1\)
Cisco Emergency Responder=12.0\(1\)
Cisco Prime License Manager>=11.5\(1\)<11.5\(1\)su9
Cisco Prime License Manager=10.5\(2\)
and 12 more
CVE-2020-3130
A vulnerability in the web management interface of Cisco Unity Connection could allow an authenticated remote attacker to overwrite files on the underlying filesystem. The vulnerability is due to insu...
Cisco Unity Connection>=11.0<11.5su7
Cisco Unity Connection>=12.0<12.5su2
CVE-2020-3282
Cisco Unified Communications Manager>=10.5\(2\)<10.5\(2\)su10
Cisco Unified Communications Manager>=10.5\(2\)<10.5\(2\)su10
Cisco Unified Communications Manager>=11.5\(1\)<11.5\(1\)su8
Cisco Unified Communications Manager>=11.5\(1\)<11.5\(1\)su8
Cisco Unified Communications Manager=12.0\(1\)
Cisco Unified Communications Manager=12.0\(1\)
and 10 more
CVE-2019-1915
A vulnerability in the web-based interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition (SME), Cisco Unified Communications Manager IM and P...
Cisco Unified Communications Manager=10.5\(2.10000.5\)
Cisco Unified Communications Manager=11.5\(1.10000.6\)
Cisco Unified Communications Manager=12.0\(1.10000.10\)
Cisco Unified Communications Manager=12.5\(1.10000.22\)
Cisco Unity Connection=11.5
Cisco Unity Connection=12.0
and 3 more
CVE-2019-12707
A vulnerability in the web-based interface of multiple Cisco Unified Communications products could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a us...
Cisco Unified Communications Manager=10.5\(2.10000.5\)
Cisco Unified Communications Manager=11.5\(1.10000.6\)
Cisco Unified Communications Manager=12.0\(1.10000.10\)
Cisco Unified Communications Manager=12.5\(1.10000.22\)
Cisco Unified Communications Manager IM and Presence Service=14.0\(1\)
Cisco Unity Connection=11.5
and 2 more
cisco-sa-20191002-cucm-csrf
Multiple Cisco Unified Communications Products Cross-Site Request Forgery Vulnerability
Cisco Unified Communications Manager=12.5<Apply patch file ciscocm_CSCvo42306_CSRFFix_12_5X_v1.8.cop.sgn or upgrade to 12.5(1)SU1.=12.0<Apply patch file ciscocm_CSCvo42306_CSRFFix_12_0X_v1.8.cop.sgn or upgrade to 12.0(1)SU3.=11.5<Apply patch file ciscocm_CSCvo42306_CSRFFix_11_5X_v1.8.cop.sgn or upgrade to 11.5(1)SU6.=11.0<11.5(1)SU6=10.5(2)<Apply patch file ciscocm_CSCvo42306_CSRFFix_105X_v1.5.cop.sgn or upgrade to 10.5(2)SU9.>=.5(2)<10<10.5(2)SU9
Cisco Unified Communications Manager IM and Presence Service=12.5<Apply patch file ciscocm_CSCvo99233_CSRFFixForCUP_125X.cop.sgn or upgrade to 12.5(1)SU1.=12.0<12.5(1)SU1=11.5<Apply patch file ciscocm_CSCvo99233_CSRFFixForCUP_115X_v2.cop.sgn or upgrade to 11.5(1)SU6.=11.0<11.5(1)SU6=10.5(2)<Apply patch file ciscocm_CSCvo99233_CSRFFixForCUP_1052X.cop.sgn or upgrade to 10.5(2) ES.>=.5(2)<10<10.5(2) ES
Cisco Unity Connection=12.5<Apply patch file ciscocm.CSCvo91541_CSRFFix_12.5x.k3.cop.sgn or upgrade to 12.5(1)SU1.=12.0<Apply patch file ciscocm.CSCvo91541_CSRFFix_12.0x.k3.cop.sgn or upgrade to 12.0(1)SU3.=11.5<Apply patch file ciscocm.CSCvo91541_CSRFFix_11.5x.k3.cop.sgn or upgrade to 11.5(1)SU6.=11.0<11.5(1)SU6=10.5(2)<Apply patch file ciscocm.CSCvo91541_CSRFFix_10.5x.k3.cop.sgn or upgrade to 10.5(2)SU9.>=.5(2)<10<10.5(2)SU9
CVE-2019-1685
A vulnerability in the Security Assertion Markup Language (SAML) single sign-on (SSO) interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site script...
Cisco Unity Connection=12.5
CVE-2018-15426
A vulnerability in the web-based interface of Cisco Unity Connection could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based...
Cisco Unity Connection=vmo-11.5\(1\)
CVE-2018-15403
A vulnerability in the web interface of Cisco Emergency Responder, Cisco Unified Communications Manager, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could al...
Cisco Unified Communications Manager=10.5\(2.10000.5\)
Cisco Unified Communications Manager=11.0\(1.10000.10\)
Cisco Unified Communications Manager=11.5\(1.10000.6\)
Cisco Unified Communications Manager=12.0\(1.10000.10\)
Cisco Unity Connection=9.1\(1\)es23
Cisco Unified Communications Manager IM and Presence Service=10.5\(1\)
and 6 more
CVE-2018-15396
A vulnerability in the Bulk Administration Tool (BAT) for Cisco Unity Connection could allow an authenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) co...
Cisco Unity Connection=12.5
CVE-2018-0354
A vulnerability in the web framework of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of a...
Cisco Unity Connection=12.5
CVE-2017-6779
Multiple Cisco products are affected by a vulnerability in local file management for certain system log files of Cisco collaboration products that could allow an unauthenticated, remote attacker to ca...
Cisco Emergency Responder>=10.5<10.5\(1a\)
Cisco Emergency Responder>=11.0<11.5\(4\)
Cisco Emergency Responder>=12.0<12.0su1
Cisco Emergency Responder=11.0\(1.10000.10\)
Cisco Finesse>=11.5<11.5\(3\)
Cisco Finesse=9.5\(1\)
and 26 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203