All the vulnerabilites related to cisco - unified_presence
Vulnerability from fkie_nvd
Published
2008-05-16 12:54
Modified
2024-11-21 00:43
Severity ?
Summary
The Presence Engine (PE) service in Cisco Unified Presence before 6.0(1) allows remote attackers to cause a denial of service (core dump and service interruption) via malformed packets, aka Bug ID CSCsh50164.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | unified_presence | 6.0 | |
| cisco | unified_presence_server | 1.0 | |
| cisco | unified_presence_server | 1.0\(1\) | |
| cisco | unified_presence_server | 1.0\(2\) | |
| cisco | unified_presence_server | 1.0\(3\) |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_presence:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9C9B1A89-6A54-4BA7-9980-3EB46C650FFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F897DA4-E313-45C8-A4FB-52404D6541BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:1.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "22B299D9-A18B-41D9-B976-57AFDAA751DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:1.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CDA3BA5D-2CEB-4AAC-8CB4-4A2CDC574076",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:1.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9465A4F0-44C0-4A43-962E-0CCEADA05533",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Presence Engine (PE) service in Cisco Unified Presence before 6.0(1) allows remote attackers to cause a denial of service (core dump and service interruption) via malformed packets, aka Bug ID CSCsh50164."
},
{
"lang": "es",
"value": "El servicio Presence Engine (PE) de Cisco Unified Presence versiones anteriores a 6.0(1) permite a atacantes remotos provocar una denegaci\u00f3n de servicio (core dump e interrupci\u00f3n del servicio) a trav\u00e9s de paquetes malformados, tambi\u00e9n conocido como Bug ID CSCsh50164."
}
],
"id": "CVE-2008-1158",
"lastModified": "2024-11-21T00:43:48.890",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-05-16T12:54:00.000",
"references": [
{
"source": "ykramarz@cisco.com",
"url": "http://secunia.com/advisories/30240"
},
{
"source": "ykramarz@cisco.com",
"url": "http://securitytracker.com/id?1020023"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080995682.shtml"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/29219"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.vupen.com/english/advisories/2008/1534"
},
{
"source": "ykramarz@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42412"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/30240"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1020023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080995682.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/29219"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1534"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42412"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-05-16 12:54
Modified
2024-11-21 00:45
Severity ?
Summary
The SIP Proxy (SIPD) service in Cisco Unified Presence before 6.0(3) allows remote attackers to cause a denial of service (core dump and service interruption) via a TCP port scan, aka Bug ID CSCsj64533.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | unified_presence | * | |
| cisco | unified_presence | 6.0_1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_presence:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4C218B1B-CE56-4170-A084-2A84750BC780",
"versionEndIncluding": "6.0_2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:6.0_1:*:*:*:*:*:*:*",
"matchCriteriaId": "36C86548-FAC6-49A3-9D3B-3107A7916086",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The SIP Proxy (SIPD) service in Cisco Unified Presence before 6.0(3) allows remote attackers to cause a denial of service (core dump and service interruption) via a TCP port scan, aka Bug ID CSCsj64533."
},
{
"lang": "es",
"value": "El servicio SIP Proxy (SIPD) de Cisco Unified Presence versiones anteriores a 6.0(3) permite a atacantes remotos provocar una denegaci\u00f3n de servicio (core dump e interrupci\u00f3n del servicio) a trav\u00e9s de un escaneo del puerto TCP, tambi\u00e9n conocido como Bug ID CSCsj64533"
}
],
"id": "CVE-2008-1741",
"lastModified": "2024-11-21T00:45:13.470",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-05-16T12:54:00.000",
"references": [
{
"source": "ykramarz@cisco.com",
"url": "http://secunia.com/advisories/30269"
},
{
"source": "ykramarz@cisco.com",
"url": "http://securitytracker.com/id?1020023"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Patch"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080995682.shtml"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/29222"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.vupen.com/english/advisories/2008/1534"
},
{
"source": "ykramarz@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42413"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/30269"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1020023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080995682.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/29222"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1534"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42413"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-05-16 12:54
Modified
2024-11-21 00:45
Severity ?
Summary
The Presence Engine (PE) service in Cisco Unified Presence before 6.0(1) allows remote attackers to cause a denial of service (core dump and service interruption) via an unspecified "stress test," aka Bug ID CSCsh20972.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | unified_presence | * | |
| cisco | unified_presence | 6.0_1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_presence:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4C218B1B-CE56-4170-A084-2A84750BC780",
"versionEndIncluding": "6.0_2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:6.0_1:*:*:*:*:*:*:*",
"matchCriteriaId": "36C86548-FAC6-49A3-9D3B-3107A7916086",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Presence Engine (PE) service in Cisco Unified Presence before 6.0(1) allows remote attackers to cause a denial of service (core dump and service interruption) via an unspecified \"stress test,\" aka Bug ID CSCsh20972."
},
{
"lang": "es",
"value": "El servicio Presence Engine (PE) de Cisco Unified Presence versiones anteriores a 6.0(1) permite a atacantes remotos provocar una denegaci\u00f3n de servicio (core dump e interrupci\u00f3n del servicio) a trav\u00e9s de \"pruebas de estr\u00e9s\" sin especificar, tambi\u00e9n conocido como Bug ID CSCsh20972."
}
],
"id": "CVE-2008-1740",
"lastModified": "2024-11-21T00:45:13.363",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-05-16T12:54:00.000",
"references": [
{
"source": "ykramarz@cisco.com",
"url": "http://secunia.com/advisories/30240"
},
{
"source": "ykramarz@cisco.com",
"url": "http://securitytracker.com/id?1020023"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Patch"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080995682.shtml"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/29220"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.vupen.com/english/advisories/2008/1534"
},
{
"source": "ykramarz@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42412"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/30240"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1020023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080995682.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/29220"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1534"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42412"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-10-06 10:55
Modified
2024-11-21 01:30
Severity ?
Summary
Cisco Unified Presence before 8.5(4) does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption, and process crash) via a crafted XML document containing a large number of nested entity references, aka Bug IDs CSCtq89842 and CSCtq88547, a similar issue to CVE-2003-1564.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | unified_presence | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_presence:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D0C47E5D-3198-46F7-B2EC-95416E2A7CC3",
"versionEndExcluding": "8.5\\(4\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco Unified Presence before 8.5(4) does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption, and process crash) via a crafted XML document containing a large number of nested entity references, aka Bug IDs CSCtq89842 and CSCtq88547, a similar issue to CVE-2003-1564."
},
{
"lang": "es",
"value": "Cisco Unified Presence antes de su versi\u00f3n v8.5(4) no detecta correctamente la recursividad durante la expansi\u00f3n de la entidad, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (consumo de memoria y CPU, y finalmente la ca\u00edda del proceso) a trav\u00e9s de un documento XML debidamente modificado que contiene un gran n\u00famero de referencias a entidades anidadas. Se trata de un problema tambi\u00e9n conocido como Bug ID CSCtq89842 y CSCtq88547. Es un problema similar a CVE-2003-1564."
}
],
"id": "CVE-2011-3288",
"lastModified": "2024-11-21T01:30:11.943",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2011-10-06T10:55:05.097",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Not Applicable"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b95d47.shtml"
},
{
"source": "nvd@nist.gov",
"tags": [
"Vendor Advisory"
],
"url": "https://www.cisco.com/c/en/us/support/docs/csa/cisco-sa-20110928-xcpcupsxml.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b95d47.shtml"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-776"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-09-12 23:55
Modified
2024-11-21 01:41
Severity ?
Summary
Cisco Unified Presence (CUP) before 8.6(3) and Jabber Extensible Communications Platform (aka Jabber XCP) before 5.3 allow remote attackers to cause a denial of service (process crash) via a crafted XMPP stream header, aka Bug ID CSCtu32832.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_presence:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF489778-059A-4D9C-A892-3695BC0795BB",
"versionEndIncluding": "8.6\\(2\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53DFD5A1-33C9-45E5-B7B9-2B1FAA840ED4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9C9B1A89-6A54-4BA7-9980-3EB46C650FFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:6.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4EBA6C36-8B78-45DF-B73E-326F6C72B6C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:6.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F7358448-71EA-49E7-BAAD-30B3F82C5A14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:6.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D425ACC6-F347-4106-8E1C-B95E9D82C21A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:6.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2EBDC5EE-18F6-4C98-B815-1E14351EAD1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:6.0\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "309E650A-7907-4E57-B571-4B072E62A1EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:6.0\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "10AD3A1E-D9A2-4B90-A09A-2596B09B2F92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:6.0\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9122B9CF-CDB8-448E-B9E4-6613D4B401BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:6.0_1:*:*:*:*:*:*:*",
"matchCriteriaId": "36C86548-FAC6-49A3-9D3B-3107A7916086",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:6.0_2:*:*:*:*:*:*:*",
"matchCriteriaId": "49F5F5FC-E41A-46F2-B168-FDF48F56ACBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D88C06B5-BD50-4A43-9B51-5D3D91F691F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:7.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "194B6B31-58FD-42F9-BAAD-6D539D2DE445",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:7.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "61B1C092-C3D4-4BCF-8F16-27978150076A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:7.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "01BD934F-DC42-43CF-8B69-1B98D2CE5787",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:7.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "94BB2FB8-F54D-42B0-B8D9-37253D8A7794",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:7.0\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6CE37DDB-11FC-41B5-A9CB-60825ED8EC21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:7.0\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "325098C4-4AA0-43CF-A421-126D8BC05661",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:7.0\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FA453950-82A8-4374-8655-B3C7662074AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:7.0\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "202EB97F-B4D4-4269-9FE6-E11A637C2C0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:7.0\\(9\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4C8B9CA0-3F44-4B5C-A8EE-BD8BC90FD076",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F7915D1A-5B9C-4D72-A6A8-C77BBDE40F68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:8.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CF088815-90E1-4A74-9EF2-BC3F0C8CFEF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:8.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A8F1A6C5-5150-4080-AE51-36432DC293E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:8.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1A5D87B2-E85D-4A28-9EFF-9408FDB35B92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:8.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "60A36A8C-4CDD-4251-82F5-083C5BA1132A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C7329B46-66E8-4429-8664-8DB94DBD3134",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:8.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7320D823-9FCA-4624-8F94-FB2A6081BA87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:8.5\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "26D3FA4B-E9A5-413B-B13D-61EE62AA0444",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:8.5\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AACEEBD1-DB8B-457B-9E18-6BC1E8BD6B66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:8.6\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "67F1CFA0-8D7C-4CA3-8E44-9B1BA94E8FB8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:jabber_extensible_communications_platform:*:*:*:*:*:*:*:*",
"matchCriteriaId": "05E13F0E-2877-4D62-B1B7-6A57BEA5E29F",
"versionEndIncluding": "5.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco Unified Presence (CUP) before 8.6(3) and Jabber Extensible Communications Platform (aka Jabber XCP) before 5.3 allow remote attackers to cause a denial of service (process crash) via a crafted XMPP stream header, aka Bug ID CSCtu32832."
},
{
"lang": "es",
"value": "Cisco Unified Presence (CUP) antes de v8.6 (3) y Jabber Extensible Communications Platform (tambi\u00e9n conocido como Jabber XCP) antes de v5.3, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda del proceso) a trav\u00e9s de una cabecera XMPP modificada, tambi\u00e9n conocido como Bug ID CSCtu32832."
}
],
"id": "CVE-2012-3935",
"lastModified": "2024-11-21T01:41:49.560",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-09-12T23:55:00.807",
"references": [
{
"source": "ykramarz@cisco.com",
"url": "http://osvdb.org/85421"
},
{
"source": "ykramarz@cisco.com",
"url": "http://secunia.com/advisories/50562"
},
{
"source": "ykramarz@cisco.com",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120912-cupxcp"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id?1027520"
},
{
"source": "ykramarz@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78457"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/85421"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/50562"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120912-cupxcp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1027520"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78457"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-04-16 14:04
Modified
2024-11-21 01:49
Severity ?
Summary
The XML parser in the server in Cisco Unified Presence (CUP) allows remote authenticated users to cause a denial of service (jabberd daemon crash) via crafted XML content in an XMPP message, aka Bug ID CSCue13912.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | unified_presence | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_presence:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63CC14CC-D958-419F-B248-E2D615C9584D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The XML parser in the server in Cisco Unified Presence (CUP) allows remote authenticated users to cause a denial of service (jabberd daemon crash) via crafted XML content in an XMPP message, aka Bug ID CSCue13912."
},
{
"lang": "es",
"value": "El parser XML en el servidor de Cisco Unified Presence (CUP) permite a usuarios remotos autenticados causar una denegaci\u00f3n de servicio (ca\u00edda del demonio) a trav\u00e9s de contenido XML especialmente dise\u00f1ado en un mensaje XMPP, tambi\u00e9n conocido como Bug ID CSCue13912."
}
],
"id": "CVE-2013-1197",
"lastModified": "2024-11-21T01:49:05.820",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-04-16T14:04:30.923",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1197"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1197"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-04-04 19:44
Modified
2024-11-21 00:43
Severity ?
Summary
The Disaster Recovery Framework (DRF) master server in Cisco Unified Communications products, including Unified Communications Manager (CUCM) 5.x and 6.x, Unified Presence 1.x and 6.x, Emergency Responder 2.x, and Mobility Manager 2.x, does not require authentication for requests received from the network, which allows remote attackers to execute arbitrary code via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | emergency_responder | 2.0 | |
| cisco | mobility_manager | 2.0 | |
| cisco | unified_communications_manager | 5.0 | |
| cisco | unified_communications_manager | 5.1 | |
| cisco | unified_communications_manager | 6.0 | |
| cisco | unified_communications_manager | 6.1 | |
| cisco | unified_presence | 1.0 | |
| cisco | unified_presence | 6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:emergency_responder:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "984570AA-2517-440D-9A2F-8EBAEB022602",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:mobility_manager:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6BFAA32C-6AEC-490A-9514-BA5B10E9B0E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B2AF68FA-433F-46F2-B309-B60A108BECFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "640BFEE2-B364-411E-B641-7471B88ED7CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "819AE879-5BF9-494E-8905-1E1E867EB5A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6BC6EF34-D23D-45CA-A907-A47993CC061E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53DFD5A1-33C9-45E5-B7B9-2B1FAA840ED4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9C9B1A89-6A54-4BA7-9980-3EB46C650FFC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Disaster Recovery Framework (DRF) master server in Cisco Unified Communications products, including Unified Communications Manager (CUCM) 5.x and 6.x, Unified Presence 1.x and 6.x, Emergency Responder 2.x, and Mobility Manager 2.x, does not require authentication for requests received from the network, which allows remote attackers to execute arbitrary code via unspecified vectors."
},
{
"lang": "es",
"value": "El Disaster Recovery Framework (DRF) Master Server en productos Cisco Unified Communications, incluyendo Unified Communications Manager (CUCM) 5.x y 6.x, Unified Presence 1.x y 6.x, Emergency Responder 2.x, y Mobility Manager 2.x, no requiere autenticaci\u00f3n para las peticiones recibidas desde la red, lo que permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2008-1154",
"lastModified": "2024-11-21T00:43:48.393",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-04-04T19:44:00.000",
"references": [
{
"source": "ykramarz@cisco.com",
"url": "http://secunia.com/advisories/29670"
},
{
"source": "ykramarz@cisco.com",
"url": "http://securitytracker.com/id?1019768"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Patch"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a008096fd9a.shtml"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/28591"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.vupen.com/english/advisories/2008/1093"
},
{
"source": "ykramarz@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41632"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/29670"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1019768"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a008096fd9a.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/28591"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1093"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41632"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-08-22 22:55
Modified
2024-11-21 01:53
Severity ?
Summary
Memory leak in Cisco Unified Communications Manager IM and Presence Service before 8.6(5)SU1 and 9.x before 9.1(2), and Cisco Unified Presence, allows remote attackers to cause a denial of service (memory and CPU consumption) by making many TCP connections to port (1) 5060 or (2) 5061, aka Bug ID CSCud84959.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D481FEA8-BEC3-4BEB-B205-F60C99A12222",
"versionEndIncluding": "8.6\\(4\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:3.3\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9B9DA1F8-FA05-4380-8EFF-AF9FEF18FF2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:3.3\\(5\\)sr1:*:*:*:*:*:*:*",
"matchCriteriaId": "65BB9155-89E5-4D54-AF1B-D5CA38392D5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:3.3\\(5\\)sr2a:*:*:*:*:*:*:*",
"matchCriteriaId": "2A76CD6B-0C24-4F5F-B4BB-BA114150A7F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:4.1\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F9BD08CD-9169-4B1E-A6DE-B138E6AB533C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:4.1\\(3\\)sr1:*:*:*:*:*:*:*",
"matchCriteriaId": "DFFD96E3-B19F-41B7-86FD-DBFD41382C28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:4.1\\(3\\)sr2:*:*:*:*:*:*:*",
"matchCriteriaId": "0E9BF838-87A2-43B8-975B-524D7F954BF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:4.1\\(3\\)sr3:*:*:*:*:*:*:*",
"matchCriteriaId": "9600EA23-5428-4312-A38E-480E3C3228BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:4.1\\(3\\)sr4:*:*:*:*:*:*:*",
"matchCriteriaId": "57F5547E-F9C8-4F9C-96A1-563A66EE8D48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E6C20851-DC17-4E89-A6C1-D1B52D47608F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BC830649-C0D4-4FFC-8701-80FB4A706F58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "935D2815-7146-4125-BDBE-BFAA62A88EC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6BF54827-75E6-4BA0-84F0-0EC0E24A4A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:4.2.3sr1:*:*:*:*:*:*:*",
"matchCriteriaId": "6C8628E7-D3C8-4212-B0A5-6B5AC14D6101",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:4.2.3sr2:*:*:*:*:*:*:*",
"matchCriteriaId": "19432E5E-EA68-4B7A-8B99-DEBACBC3F160",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:4.2.3sr2b:*:*:*:*:*:*:*",
"matchCriteriaId": "ABE4CD8E-F27C-4F96-B955-FC1E71B5D55B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "577571D6-AC59-4A43-B9A5-7B6FC6D2046C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:4.3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8F1DEC3B-2782-4144-9651-73116294765D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B2AF68FA-433F-46F2-B309-B60A108BECFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "640BFEE2-B364-411E-B641-7471B88ED7CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1B9FDFF3-2E60-4E41-9251-93283D945D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1022C151-6EC8-4E8D-85ED-59D51551BDAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1\\(1c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "060593BD-ADC1-4282-BC6D-E0D6A2B7C8D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "239510AD-8BB0-4515-B1DA-80DE696D25DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "26277C4A-4E27-492C-B18C-AC68D86ADF55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1\\(2b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9003EC1A-6E85-41F1-BB5D-B841C9C28105",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0318CF61-B892-4D44-B41A-D630B4AB808C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9CDA8A78-BA6C-4451-8EAA-B83C3A6C6BA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1\\(3c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "84A49932-1E22-4BE0-8195-926D44F65AAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1\\(3d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4DE1B0DD-EA64-493B-86B7-9057EE5033C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1\\(3e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "00ECD7C0-7F3C-4021-B949-32141E58687C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9E51D8BF-12BB-4DD1-9232-1D066889B30F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "819AE879-5BF9-494E-8905-1E1E867EB5A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C2DF1139-A161-48DD-9929-F6939D626461",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.0\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FF99088E-1330-4E15-8BD3-2A5172FBA460",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.0\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C2CD96CE-AAC6-40BD-A053-A62572AC7714",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6CC94003-72B6-45C3-A07E-0A08F1562B6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "958A2707-0F1A-4719-BB9F-DC9ED129105A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "48A8EE9A-458D-4619-B04D-F01A9934DC11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "597D9674-F44D-4A31-A2F2-2790ED698A91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(2\\)su1:*:*:*:*:*:*:*",
"matchCriteriaId": "3C2B7439-8547-41A6-AE6C-6ABCD167890E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(2\\)su1a:*:*:*:*:*:*:*",
"matchCriteriaId": "FF3EB2A0-6907-4260-BBF1-D8E6E40827FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BE122F76-ECDB-4446-825C-EF02257D8C08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "44280E56-C151-4C08-804D-001F91FF2AFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(3b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BD968A56-9539-4699-9099-0F220D283CB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(3b\\)su1:*:*:*:*:*:*:*",
"matchCriteriaId": "E4CEBB9B-2B43-44C2-BC93-55E58C24CED4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FE2597F4-9B5B-4E2E-8DA5-40D769CC57B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(4\\)su1:*:*:*:*:*:*:*",
"matchCriteriaId": "665ACEFC-B989-42AB-BAB4-2C273CF2B702",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(4a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4F9ABF04-C732-4509-8589-F58E1D5F66E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(4a\\)su2:*:*:*:*:*:*:*",
"matchCriteriaId": "0D899431-7C91-4CB4-9CBA-D5BA34B7B330",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FC13697F-84A3-4793-B82E-6E8857B4FC3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(5\\)su1:*:*:*:*:*:*:*",
"matchCriteriaId": "DC24D57B-3D0C-486D-83CB-A4E419CA9626",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(5\\)su2:*:*:*:*:*:*:*",
"matchCriteriaId": "E5137D0F-0273-41EF-B3F6-2D87662B3788",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(5\\)su3:*:*:*:*:*:*:*",
"matchCriteriaId": "3FCBB8A8-E31C-49A3-843E-F18B2FF134B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.0\\(1\\)su1:*:*:*:*:*:*:*",
"matchCriteriaId": "72C54A10-998C-435F-B058-A6879CD608A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.0\\(1\\)su1a:*:*:*:*:*:*:*",
"matchCriteriaId": "D81D69D5-E669-4DBC-A76B-E9C30A239A2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FCB47159-FA07-4317-B562-D7AB7C49E8F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.0\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8765E016-7C6F-4C36-A22C-78ED8666F7E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.0\\(2a\\)su1:*:*:*:*:*:*:*",
"matchCriteriaId": "2B3D5254-3E67-452E-ADB3-204A66765952",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.0\\(2a\\)su2:*:*:*:*:*:*:*",
"matchCriteriaId": "9D3680AB-CEF8-4C2C-A46B-C9009E6A6590",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B591E75E-040C-4D26-AF13-A4F87E048579",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(2a\\)su1:*:*:*:*:*:*:*",
"matchCriteriaId": "F22B2CDE-DB49-402D-8BF2-B9458D907DDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(2b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "18986D7E-E1E6-46EB-A247-2A98224FC122",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(2b\\)su1:*:*:*:*:*:*:*",
"matchCriteriaId": "BFAAC2E8-B548-4940-9492-DEAB574E7CF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "46BDD926-7F96-46C5-AD9C-40B7D3C78340",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7BA63076-B8A1-4672-99F3-703F7838F3A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(3a\\)su1:*:*:*:*:*:*:*",
"matchCriteriaId": "3EADE6FA-40F8-4BEB-ABDB-77D4C0E587BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(3a\\)su1a:*:*:*:*:*:*:*",
"matchCriteriaId": "3F84676C-75A5-48D2-889D-B48EC724336F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(3b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2EA15D48-A0DE-4091-8C78-666E98B488C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(3b\\)su1:*:*:*:*:*:*:*",
"matchCriteriaId": "3038823F-C32D-4C1B-8228-D14B35535297",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(3b\\)su2:*:*:*:*:*:*:*",
"matchCriteriaId": "617E82C3-1CB1-46B2-BCFE-94BF9DBDD1D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2ECDCE1A-176D-46E0-9C39-19FAD7B57892",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(5\\)su1:*:*:*:*:*:*:*",
"matchCriteriaId": "C6856A2A-55F4-4785-BEC1-54295D7D9CD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(5\\)su1a:*:*:*:*:*:*:*",
"matchCriteriaId": "2727998A-ED1F-4EFE-9952-7DA8486706D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(5a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F61FD826-A08E-477C-AA57-359B10387035",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(5b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7A9EDB91-350B-4ED4-A177-257023380C44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(5b\\)su1:*:*:*:*:*:*:*",
"matchCriteriaId": "2CBA6140-CEF7-4990-9A1E-76F02607BA84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(5b\\)su1a:*:*:*:*:*:*:*",
"matchCriteriaId": "9DCF2F2A-DF52-4BD8-A56B-B4E91CD1D1E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(5b\\)su2:*:*:*:*:*:*:*",
"matchCriteriaId": "9F0A5B28-0211-4173-BD91-67BCA3267C95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(5b\\)su3:*:*:*:*:*:*:*",
"matchCriteriaId": "74323C2F-949A-4A97-8A1A-1D0A470B93BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(5b\\)su4:*:*:*:*:*:*:*",
"matchCriteriaId": "E69A9EC1-7078-4866-986E-D2842CFDC404",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(5b\\)su5:*:*:*:*:*:*:*",
"matchCriteriaId": "0EE6F189-C6AE-43C3-8E2C-741B4D63FA82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(5b\\)su6:*:*:*:*:*:*:*",
"matchCriteriaId": "C73894A0-E3F3-4C92-A1D0-7762F2612F16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "248E4608-B870-4913-8048-3771685CBD77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:8.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "52D7EECA-322E-48E4-9682-6C3C39B64B9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:8.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "547E3100-EFBF-4F30-8D9E-81F8B79D9F9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:8.0\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BCE55716-ACB7-411B-B708-415D4DB1D8AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:8.0\\(2b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "916C8A47-B3DA-42C0-BE2F-041269F79CF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:8.0\\(2c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C09FE52A-E0AF-4B0F-A44E-4362E26A88D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:8.0\\(2c\\)su1:*:*:*:*:*:*:*",
"matchCriteriaId": "A9AD0704-6F85-4E64-88D4-73E8BB2BEF4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:8.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "07EF7BE6-2702-4174-A8AA-AFD44014F8A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:8.0\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "56403D34-B803-4DA7-96BC-2E0797D27F69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:8.0\\(3a\\)su1:*:*:*:*:*:*:*",
"matchCriteriaId": "64FDCB2A-AAF7-44EF-B748-6B336B7CD2D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:8.0\\(3a\\)su2:*:*:*:*:*:*:*",
"matchCriteriaId": "765921EA-40B6-491F-9F05-85E000F12474",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:8.0\\(3a\\)su3:*:*:*:*:*:*:*",
"matchCriteriaId": "A6FFFE8D-6196-48F4-BEAB-3657D68A67BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3E1FA195-A711-4861-9B3D-A36D55C0F49D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:8.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F252947A-82FE-4133-AA4F-E17758D7ECF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:8.5\\(1\\)su1:*:*:*:*:*:*:*",
"matchCriteriaId": "F61E277B-475A-40EC-8A67-CE2A17C94185",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:8.5\\(1\\)su2:*:*:*:*:*:*:*",
"matchCriteriaId": "D289E6D8-EA6A-4487-9513-6CCEE3740EA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:8.5\\(1\\)su3:*:*:*:*:*:*:*",
"matchCriteriaId": "0FAA377E-3C37-4E9D-97E7-FDC162CF8FC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:8.5\\(1\\)su4:*:*:*:*:*:*:*",
"matchCriteriaId": "BCEDD1A3-9658-48AF-A59E-A9BE7FA17E13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:8.5\\(1\\)su5:*:*:*:*:*:*:*",
"matchCriteriaId": "06098E0B-20F8-4FCC-A384-01EA108F4549",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "DCF00D65-DE88-4287-82CB-552AB68AFE25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:8.6\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "47E28290-C7A9-4DF4-9918-6FDF5DC2B3A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:8.6\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A8B5A9DD-C259-463C-A6A5-51D3E8DD4F58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:8.6\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6B04ECEA-E097-4069-B6AC-74D477F03BF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:8.6\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F5CCD3E6-6031-437E-862B-470E39FAF67D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:8.6\\(2a\\)su1:*:*:*:*:*:*:*",
"matchCriteriaId": "31C31335-8001-4C83-A04B-6562CB39E3EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:8.6\\(2a\\)su2:*:*:*:*:*:*:*",
"matchCriteriaId": "70757AD4-8F55-4C8B-886B-1D2E41670407",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:8.6\\(2a\\)su3:*:*:*:*:*:*:*",
"matchCriteriaId": "FFD583D2-CFB4-4539-9458-E91FF9BC7059",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:8.6\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FB6E34CF-3F33-485F-8128-2D65A9034A57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:9.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B7285C0D-5337-49D0-A6EE-2385A7B4F510",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:9.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5A1D8DBE-095D-4E38-A93B-D05459F7209E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:9.1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BCA70732-8ACD-47D2-A311-319180F86892",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence:-:*:*:*:*:*:*:*",
"matchCriteriaId": "63CC14CC-D958-419F-B248-E2D615C9584D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Memory leak in Cisco Unified Communications Manager IM and Presence Service before 8.6(5)SU1 and 9.x before 9.1(2), and Cisco Unified Presence, allows remote attackers to cause a denial of service (memory and CPU consumption) by making many TCP connections to port (1) 5060 or (2) 5061, aka Bug ID CSCud84959."
},
{
"lang": "es",
"value": "Fuga de memoria en Cisco Unified Communications Manager IM y Presence Service anterior a 8.6(5)SU1 y 9.x anterior a 9.1(2), y Cisco Unified Presence, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (consumo de CPU y memoria) realizando multitud de conexiones TCP a los puertos (1) 5060 o (2) 5061. Aka Bug ID CSCud84959."
}
],
"id": "CVE-2013-3453",
"lastModified": "2024-11-21T01:53:39.523",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-08-22T22:55:05.093",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130821-cup"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130821-cup"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2011-3288
Vulnerability from cvelistv5
Published
2011-10-06 10:00
Modified
2024-09-16 22:36
Severity ?
EPSS score ?
Summary
Cisco Unified Presence before 8.5(4) does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption, and process crash) via a crafted XML document containing a large number of nested entity references, aka Bug IDs CSCtq89842 and CSCtq88547, a similar issue to CVE-2003-1564.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080b95d47.shtml | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:29:56.642Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20110928 Jabber Extensible Communications Platform and Cisco Unified Presence XML Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b95d47.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cisco Unified Presence before 8.5(4) does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption, and process crash) via a crafted XML document containing a large number of nested entity references, aka Bug IDs CSCtq89842 and CSCtq88547, a similar issue to CVE-2003-1564."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-10-06T10:00:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20110928 Jabber Extensible Communications Platform and Cisco Unified Presence XML Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b95d47.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2011-3288",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Unified Presence before 8.5(4) does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption, and process crash) via a crafted XML document containing a large number of nested entity references, aka Bug IDs CSCtq89842 and CSCtq88547, a similar issue to CVE-2003-1564."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20110928 Jabber Extensible Communications Platform and Cisco Unified Presence XML Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b95d47.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2011-3288",
"datePublished": "2011-10-06T10:00:00Z",
"dateReserved": "2011-08-29T00:00:00Z",
"dateUpdated": "2024-09-16T22:36:23.734Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-3453
Vulnerability from cvelistv5
Published
2013-08-22 22:00
Modified
2024-09-16 22:19
Severity ?
EPSS score ?
Summary
Memory leak in Cisco Unified Communications Manager IM and Presence Service before 8.6(5)SU1 and 9.x before 9.1(2), and Cisco Unified Presence, allows remote attackers to cause a denial of service (memory and CPU consumption) by making many TCP connections to port (1) 5060 or (2) 5061, aka Bug ID CSCud84959.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130821-cup | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:07:37.930Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20130821 Cisco Unified Communications Manager IM and Presence Service Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130821-cup"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Memory leak in Cisco Unified Communications Manager IM and Presence Service before 8.6(5)SU1 and 9.x before 9.1(2), and Cisco Unified Presence, allows remote attackers to cause a denial of service (memory and CPU consumption) by making many TCP connections to port (1) 5060 or (2) 5061, aka Bug ID CSCud84959."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-08-22T22:00:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20130821 Cisco Unified Communications Manager IM and Presence Service Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130821-cup"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2013-3453",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Memory leak in Cisco Unified Communications Manager IM and Presence Service before 8.6(5)SU1 and 9.x before 9.1(2), and Cisco Unified Presence, allows remote attackers to cause a denial of service (memory and CPU consumption) by making many TCP connections to port (1) 5060 or (2) 5061, aka Bug ID CSCud84959."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20130821 Cisco Unified Communications Manager IM and Presence Service Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130821-cup"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2013-3453",
"datePublished": "2013-08-22T22:00:00Z",
"dateReserved": "2013-05-06T00:00:00Z",
"dateUpdated": "2024-09-16T22:19:39.546Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-3935
Vulnerability from cvelistv5
Published
2012-09-12 23:00
Modified
2024-08-06 20:21
Severity ?
EPSS score ?
Summary
Cisco Unified Presence (CUP) before 8.6(3) and Jabber Extensible Communications Platform (aka Jabber XCP) before 5.3 allow remote attackers to cause a denial of service (process crash) via a crafted XMPP stream header, aka Bug ID CSCtu32832.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/78457 | vdb-entry, x_refsource_XF | |
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120912-cupxcp | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id?1027520 | vdb-entry, x_refsource_SECTRACK | |
| http://osvdb.org/85421 | vdb-entry, x_refsource_OSVDB | |
| http://secunia.com/advisories/50562 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:21:04.047Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-presence-jabber-dos(78457)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78457"
},
{
"name": "20120912 Cisco Unified Presence and Jabber Extensible Communications Platform Stream Header Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120912-cupxcp"
},
{
"name": "1027520",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027520"
},
{
"name": "85421",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/85421"
},
{
"name": "50562",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/50562"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-09-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco Unified Presence (CUP) before 8.6(3) and Jabber Extensible Communications Platform (aka Jabber XCP) before 5.3 allow remote attackers to cause a denial of service (process crash) via a crafted XMPP stream header, aka Bug ID CSCtu32832."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-presence-jabber-dos(78457)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78457"
},
{
"name": "20120912 Cisco Unified Presence and Jabber Extensible Communications Platform Stream Header Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120912-cupxcp"
},
{
"name": "1027520",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027520"
},
{
"name": "85421",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/85421"
},
{
"name": "50562",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/50562"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2012-3935",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Unified Presence (CUP) before 8.6(3) and Jabber Extensible Communications Platform (aka Jabber XCP) before 5.3 allow remote attackers to cause a denial of service (process crash) via a crafted XMPP stream header, aka Bug ID CSCtu32832."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "cisco-presence-jabber-dos(78457)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78457"
},
{
"name": "20120912 Cisco Unified Presence and Jabber Extensible Communications Platform Stream Header Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120912-cupxcp"
},
{
"name": "1027520",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027520"
},
{
"name": "85421",
"refsource": "OSVDB",
"url": "http://osvdb.org/85421"
},
{
"name": "50562",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50562"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2012-3935",
"datePublished": "2012-09-12T23:00:00",
"dateReserved": "2012-07-10T00:00:00",
"dateUpdated": "2024-08-06T20:21:04.047Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-1740
Vulnerability from cvelistv5
Published
2008-05-16 06:54
Modified
2024-08-07 08:32
Severity ?
EPSS score ?
Summary
The Presence Engine (PE) service in Cisco Unified Presence before 6.0(1) allows remote attackers to cause a denial of service (core dump and service interruption) via an unspecified "stress test," aka Bug ID CSCsh20972.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/29220 | vdb-entry, x_refsource_BID | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080995682.shtml | vendor-advisory, x_refsource_CISCO | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/42412 | vdb-entry, x_refsource_XF | |
| http://www.vupen.com/english/advisories/2008/1534 | vdb-entry, x_refsource_VUPEN | |
| http://securitytracker.com/id?1020023 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/30240 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:32:01.128Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "29220",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29220"
},
{
"name": "20080514 Cisco Unified Presence Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080995682.shtml"
},
{
"name": "cisco-unifiedpresence-presenceengine-dos(42412)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42412"
},
{
"name": "ADV-2008-1534",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1534"
},
{
"name": "1020023",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1020023"
},
{
"name": "30240",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30240"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-05-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Presence Engine (PE) service in Cisco Unified Presence before 6.0(1) allows remote attackers to cause a denial of service (core dump and service interruption) via an unspecified \"stress test,\" aka Bug ID CSCsh20972."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "29220",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29220"
},
{
"name": "20080514 Cisco Unified Presence Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080995682.shtml"
},
{
"name": "cisco-unifiedpresence-presenceengine-dos(42412)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42412"
},
{
"name": "ADV-2008-1534",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1534"
},
{
"name": "1020023",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1020023"
},
{
"name": "30240",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30240"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2008-1740",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Presence Engine (PE) service in Cisco Unified Presence before 6.0(1) allows remote attackers to cause a denial of service (core dump and service interruption) via an unspecified \"stress test,\" aka Bug ID CSCsh20972."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "29220",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29220"
},
{
"name": "20080514 Cisco Unified Presence Denial of Service Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080995682.shtml"
},
{
"name": "cisco-unifiedpresence-presenceengine-dos(42412)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42412"
},
{
"name": "ADV-2008-1534",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1534"
},
{
"name": "1020023",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1020023"
},
{
"name": "30240",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30240"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2008-1740",
"datePublished": "2008-05-16T06:54:00",
"dateReserved": "2008-04-11T00:00:00",
"dateUpdated": "2024-08-07T08:32:01.128Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-1154
Vulnerability from cvelistv5
Published
2008-04-04 19:00
Modified
2024-08-07 08:08
Severity ?
EPSS score ?
Summary
The Disaster Recovery Framework (DRF) master server in Cisco Unified Communications products, including Unified Communications Manager (CUCM) 5.x and 6.x, Unified Presence 1.x and 6.x, Emergency Responder 2.x, and Mobility Manager 2.x, does not require authentication for requests received from the network, which allows remote attackers to execute arbitrary code via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/28591 | vdb-entry, x_refsource_BID | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a008096fd9a.shtml | vendor-advisory, x_refsource_CISCO | |
| http://securitytracker.com/id?1019768 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2008/1093 | vdb-entry, x_refsource_VUPEN | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/41632 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/29670 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:08:57.646Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "28591",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28591"
},
{
"name": "20080403 Cisco Unified Communications Disaster Recovery Framework Command Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a008096fd9a.shtml"
},
{
"name": "1019768",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1019768"
},
{
"name": "ADV-2008-1093",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1093"
},
{
"name": "cisco-drf-command-execution(41632)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41632"
},
{
"name": "29670",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29670"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-04-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Disaster Recovery Framework (DRF) master server in Cisco Unified Communications products, including Unified Communications Manager (CUCM) 5.x and 6.x, Unified Presence 1.x and 6.x, Emergency Responder 2.x, and Mobility Manager 2.x, does not require authentication for requests received from the network, which allows remote attackers to execute arbitrary code via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "28591",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28591"
},
{
"name": "20080403 Cisco Unified Communications Disaster Recovery Framework Command Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a008096fd9a.shtml"
},
{
"name": "1019768",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1019768"
},
{
"name": "ADV-2008-1093",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1093"
},
{
"name": "cisco-drf-command-execution(41632)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41632"
},
{
"name": "29670",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29670"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2008-1154",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Disaster Recovery Framework (DRF) master server in Cisco Unified Communications products, including Unified Communications Manager (CUCM) 5.x and 6.x, Unified Presence 1.x and 6.x, Emergency Responder 2.x, and Mobility Manager 2.x, does not require authentication for requests received from the network, which allows remote attackers to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "28591",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28591"
},
{
"name": "20080403 Cisco Unified Communications Disaster Recovery Framework Command Execution Vulnerability",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a008096fd9a.shtml"
},
{
"name": "1019768",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019768"
},
{
"name": "ADV-2008-1093",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1093"
},
{
"name": "cisco-drf-command-execution(41632)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41632"
},
{
"name": "29670",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29670"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2008-1154",
"datePublished": "2008-04-04T19:00:00",
"dateReserved": "2008-03-05T00:00:00",
"dateUpdated": "2024-08-07T08:08:57.646Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-1197
Vulnerability from cvelistv5
Published
2013-04-16 10:00
Modified
2024-09-16 23:01
Severity ?
EPSS score ?
Summary
The XML parser in the server in Cisco Unified Presence (CUP) allows remote authenticated users to cause a denial of service (jabberd daemon crash) via crafted XML content in an XMPP message, aka Bug ID CSCue13912.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1197 | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:57:03.545Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20130415 Cisco Unified Presence XMPP Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1197"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The XML parser in the server in Cisco Unified Presence (CUP) allows remote authenticated users to cause a denial of service (jabberd daemon crash) via crafted XML content in an XMPP message, aka Bug ID CSCue13912."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-04-16T10:00:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20130415 Cisco Unified Presence XMPP Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1197"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2013-1197",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The XML parser in the server in Cisco Unified Presence (CUP) allows remote authenticated users to cause a denial of service (jabberd daemon crash) via crafted XML content in an XMPP message, aka Bug ID CSCue13912."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20130415 Cisco Unified Presence XMPP Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1197"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2013-1197",
"datePublished": "2013-04-16T10:00:00Z",
"dateReserved": "2013-01-11T00:00:00Z",
"dateUpdated": "2024-09-16T23:01:32.354Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-1158
Vulnerability from cvelistv5
Published
2008-05-16 06:54
Modified
2024-08-07 08:08
Severity ?
EPSS score ?
Summary
The Presence Engine (PE) service in Cisco Unified Presence before 6.0(1) allows remote attackers to cause a denial of service (core dump and service interruption) via malformed packets, aka Bug ID CSCsh50164.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/29219 | vdb-entry, x_refsource_BID | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080995682.shtml | vendor-advisory, x_refsource_CISCO | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/42412 | vdb-entry, x_refsource_XF | |
| http://www.vupen.com/english/advisories/2008/1534 | vdb-entry, x_refsource_VUPEN | |
| http://securitytracker.com/id?1020023 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/30240 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:08:57.730Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "29219",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29219"
},
{
"name": "20080514 Cisco Unified Presence Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080995682.shtml"
},
{
"name": "cisco-unifiedpresence-presenceengine-dos(42412)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42412"
},
{
"name": "ADV-2008-1534",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1534"
},
{
"name": "1020023",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1020023"
},
{
"name": "30240",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30240"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-05-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Presence Engine (PE) service in Cisco Unified Presence before 6.0(1) allows remote attackers to cause a denial of service (core dump and service interruption) via malformed packets, aka Bug ID CSCsh50164."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "29219",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29219"
},
{
"name": "20080514 Cisco Unified Presence Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080995682.shtml"
},
{
"name": "cisco-unifiedpresence-presenceengine-dos(42412)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42412"
},
{
"name": "ADV-2008-1534",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1534"
},
{
"name": "1020023",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1020023"
},
{
"name": "30240",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30240"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2008-1158",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Presence Engine (PE) service in Cisco Unified Presence before 6.0(1) allows remote attackers to cause a denial of service (core dump and service interruption) via malformed packets, aka Bug ID CSCsh50164."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "29219",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29219"
},
{
"name": "20080514 Cisco Unified Presence Denial of Service Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080995682.shtml"
},
{
"name": "cisco-unifiedpresence-presenceengine-dos(42412)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42412"
},
{
"name": "ADV-2008-1534",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1534"
},
{
"name": "1020023",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1020023"
},
{
"name": "30240",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30240"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2008-1158",
"datePublished": "2008-05-16T06:54:00",
"dateReserved": "2008-03-05T00:00:00",
"dateUpdated": "2024-08-07T08:08:57.730Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-1741
Vulnerability from cvelistv5
Published
2008-05-16 06:54
Modified
2024-08-07 08:32
Severity ?
EPSS score ?
Summary
The SIP Proxy (SIPD) service in Cisco Unified Presence before 6.0(3) allows remote attackers to cause a denial of service (core dump and service interruption) via a TCP port scan, aka Bug ID CSCsj64533.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/42413 | vdb-entry, x_refsource_XF | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080995682.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/29222 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/30269 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2008/1534 | vdb-entry, x_refsource_VUPEN | |
| http://securitytracker.com/id?1020023 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:32:01.139Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-unifiedpresence-sipproxy-dos(42413)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42413"
},
{
"name": "20080514 Cisco Unified Presence Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080995682.shtml"
},
{
"name": "29222",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29222"
},
{
"name": "30269",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30269"
},
{
"name": "ADV-2008-1534",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1534"
},
{
"name": "1020023",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1020023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-05-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The SIP Proxy (SIPD) service in Cisco Unified Presence before 6.0(3) allows remote attackers to cause a denial of service (core dump and service interruption) via a TCP port scan, aka Bug ID CSCsj64533."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-unifiedpresence-sipproxy-dos(42413)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42413"
},
{
"name": "20080514 Cisco Unified Presence Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080995682.shtml"
},
{
"name": "29222",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29222"
},
{
"name": "30269",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30269"
},
{
"name": "ADV-2008-1534",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1534"
},
{
"name": "1020023",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1020023"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2008-1741",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The SIP Proxy (SIPD) service in Cisco Unified Presence before 6.0(3) allows remote attackers to cause a denial of service (core dump and service interruption) via a TCP port scan, aka Bug ID CSCsj64533."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "cisco-unifiedpresence-sipproxy-dos(42413)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42413"
},
{
"name": "20080514 Cisco Unified Presence Denial of Service Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080995682.shtml"
},
{
"name": "29222",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29222"
},
{
"name": "30269",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30269"
},
{
"name": "ADV-2008-1534",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1534"
},
{
"name": "1020023",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1020023"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2008-1741",
"datePublished": "2008-05-16T06:54:00",
"dateReserved": "2008-04-11T00:00:00",
"dateUpdated": "2024-08-07T08:32:01.139Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}