All the vulnerabilites related to cisco - unified_presence_server
cve-2009-2874
Vulnerability from cvelistv5
Published
2009-10-16 16:00
Modified
2024-08-07 06:07
Severity ?
EPSS score ?
Summary
The TimesTenD process in Cisco Unified Presence 1.x, 6.x before 6.0(6), and 7.x before 7.0(4) allows remote attackers to cause a denial of service (process crash) via a large number of TCP connections to ports 16200 and 22794, aka Bug ID CSCsy17662.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vupen.com/english/advisories/2009/2915 | vdb-entry, x_refsource_VUPEN | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/53772 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/36675 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/37039 | third-party-advisory, x_refsource_SECUNIA | |
| http://securitytracker.com/id?1023018 | vdb-entry, x_refsource_SECTRACK | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080afc930.shtml | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:07:37.215Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2009-2915",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/2915"
},
{
"name": "cisco-unifiedpresence-timestend-dos(53772)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53772"
},
{
"name": "36675",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/36675"
},
{
"name": "37039",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37039"
},
{
"name": "1023018",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1023018"
},
{
"name": "20091014 Cisco Unified Presence Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080afc930.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-10-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The TimesTenD process in Cisco Unified Presence 1.x, 6.x before 6.0(6), and 7.x before 7.0(4) allows remote attackers to cause a denial of service (process crash) via a large number of TCP connections to ports 16200 and 22794, aka Bug ID CSCsy17662."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "ADV-2009-2915",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/2915"
},
{
"name": "cisco-unifiedpresence-timestend-dos(53772)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53772"
},
{
"name": "36675",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/36675"
},
{
"name": "37039",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37039"
},
{
"name": "1023018",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1023018"
},
{
"name": "20091014 Cisco Unified Presence Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080afc930.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2009-2874",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The TimesTenD process in Cisco Unified Presence 1.x, 6.x before 6.0(6), and 7.x before 7.0(4) allows remote attackers to cause a denial of service (process crash) via a large number of TCP connections to ports 16200 and 22794, aka Bug ID CSCsy17662."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2009-2915",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2915"
},
{
"name": "cisco-unifiedpresence-timestend-dos(53772)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53772"
},
{
"name": "36675",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36675"
},
{
"name": "37039",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37039"
},
{
"name": "1023018",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1023018"
},
{
"name": "20091014 Cisco Unified Presence Denial of Service Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080afc930.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2009-2874",
"datePublished": "2009-10-16T16:00:00",
"dateReserved": "2009-08-19T00:00:00",
"dateUpdated": "2024-08-07T06:07:37.215Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-3776
Vulnerability from cvelistv5
Published
2007-07-15 22:00
Modified
2024-08-07 14:28
Severity ?
EPSS score ?
Summary
Cisco Unified Communications Manager (CUCM, formerly CallManager) and Unified Presence Server (CUPS) allow remote attackers to obtain sensitive information via unspecified vectors that reveal the SNMP community strings and configuration settings, aka (1) CSCsj20668 and (2) CSCsj25962.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securitytracker.com/id?1018368 | vdb-entry, x_refsource_SECTRACK | |
| http://www.cisco.com/warp/public/707/cisco-sa-20070711-voip.shtml | vendor-advisory, x_refsource_CISCO | |
| http://secunia.com/advisories/26039 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/24867 | vdb-entry, x_refsource_BID | |
| http://www.vupen.com/english/advisories/2007/2511 | vdb-entry, x_refsource_VUPEN | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/35344 | vdb-entry, x_refsource_XF | |
| http://osvdb.org/36124 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:28:52.377Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1018368",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1018368"
},
{
"name": "20070711 Cisco Unified Communications Manager and Presence Server Unauthorized Access Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070711-voip.shtml"
},
{
"name": "26039",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26039"
},
{
"name": "24867",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24867"
},
{
"name": "ADV-2007-2511",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2511"
},
{
"name": "cisco-callmanager-presence-info-disclosure(35344)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35344"
},
{
"name": "36124",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/36124"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco Unified Communications Manager (CUCM, formerly CallManager) and Unified Presence Server (CUPS) allow remote attackers to obtain sensitive information via unspecified vectors that reveal the SNMP community strings and configuration settings, aka (1) CSCsj20668 and (2) CSCsj25962."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1018368",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1018368"
},
{
"name": "20070711 Cisco Unified Communications Manager and Presence Server Unauthorized Access Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070711-voip.shtml"
},
{
"name": "26039",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26039"
},
{
"name": "24867",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24867"
},
{
"name": "ADV-2007-2511",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2511"
},
{
"name": "cisco-callmanager-presence-info-disclosure(35344)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35344"
},
{
"name": "36124",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/36124"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3776",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Unified Communications Manager (CUCM, formerly CallManager) and Unified Presence Server (CUPS) allow remote attackers to obtain sensitive information via unspecified vectors that reveal the SNMP community strings and configuration settings, aka (1) CSCsj20668 and (2) CSCsj25962."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1018368",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018368"
},
{
"name": "20070711 Cisco Unified Communications Manager and Presence Server Unauthorized Access Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070711-voip.shtml"
},
{
"name": "26039",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26039"
},
{
"name": "24867",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24867"
},
{
"name": "ADV-2007-2511",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2511"
},
{
"name": "cisco-callmanager-presence-info-disclosure(35344)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35344"
},
{
"name": "36124",
"refsource": "OSVDB",
"url": "http://osvdb.org/36124"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3776",
"datePublished": "2007-07-15T22:00:00",
"dateReserved": "2007-07-15T00:00:00",
"dateUpdated": "2024-08-07T14:28:52.377Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-6983
Vulnerability from cvelistv5
Published
2013-12-31 11:00
Modified
2024-08-06 17:53
Severity ?
EPSS score ?
Summary
SQL injection vulnerability in the web interface in Cisco Unified Presence Server allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCuh35615.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6983 | vendor-advisory, x_refsource_CISCO | |
| http://secunia.com/advisories/56273 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securitytracker.com/id/1029547 | vdb-entry, x_refsource_SECTRACK | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/90011 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/64551 | vdb-entry, x_refsource_BID | |
| http://osvdb.org/101514 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:53:45.837Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20131229 Cisco Unified Presence Server SQL Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6983"
},
{
"name": "56273",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56273"
},
{
"name": "1029547",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029547"
},
{
"name": "cisco-unified-cve20136983-sql-injection(90011)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90011"
},
{
"name": "64551",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/64551"
},
{
"name": "101514",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/101514"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-12-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in the web interface in Cisco Unified Presence Server allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCuh35615."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20131229 Cisco Unified Presence Server SQL Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6983"
},
{
"name": "56273",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56273"
},
{
"name": "1029547",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029547"
},
{
"name": "cisco-unified-cve20136983-sql-injection(90011)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90011"
},
{
"name": "64551",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/64551"
},
{
"name": "101514",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/101514"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2013-6983",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in the web interface in Cisco Unified Presence Server allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCuh35615."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20131229 Cisco Unified Presence Server SQL Injection Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6983"
},
{
"name": "56273",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56273"
},
{
"name": "1029547",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029547"
},
{
"name": "cisco-unified-cve20136983-sql-injection(90011)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90011"
},
{
"name": "64551",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64551"
},
{
"name": "101514",
"refsource": "OSVDB",
"url": "http://osvdb.org/101514"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2013-6983",
"datePublished": "2013-12-31T11:00:00",
"dateReserved": "2013-12-05T00:00:00",
"dateUpdated": "2024-08-06T17:53:45.837Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-2840
Vulnerability from cvelistv5
Published
2010-08-26 20:00
Modified
2024-08-07 02:46
Severity ?
EPSS score ?
Summary
The Presence Engine (PE) service in Cisco Unified Presence 6.x before 6.0(7) and 7.x before 7.0(8) does not properly handle an erroneous Contact field in the header of a SIP SUBSCRIBE message, which allows remote attackers to cause a denial of service (process failure) via a malformed message, aka Bug ID CSCtd39629.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vupen.com/english/advisories/2010/2186 | vdb-entry, x_refsource_VUPEN | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080b43909.shtml | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:46:48.529Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2010-2186",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2186"
},
{
"name": "20100825 Cisco Unified Presence Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b43909.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-08-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Presence Engine (PE) service in Cisco Unified Presence 6.x before 6.0(7) and 7.x before 7.0(8) does not properly handle an erroneous Contact field in the header of a SIP SUBSCRIBE message, which allows remote attackers to cause a denial of service (process failure) via a malformed message, aka Bug ID CSCtd39629."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-09-09T09:00:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "ADV-2010-2186",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2186"
},
{
"name": "20100825 Cisco Unified Presence Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b43909.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2010-2840",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Presence Engine (PE) service in Cisco Unified Presence 6.x before 6.0(7) and 7.x before 7.0(8) does not properly handle an erroneous Contact field in the header of a SIP SUBSCRIBE message, which allows remote attackers to cause a denial of service (process failure) via a malformed message, aka Bug ID CSCtd39629."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2010-2186",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2186"
},
{
"name": "20100825 Cisco Unified Presence Denial of Service Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b43909.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2010-2840",
"datePublished": "2010-08-26T20:00:00",
"dateReserved": "2010-07-23T00:00:00",
"dateUpdated": "2024-08-07T02:46:48.529Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-3775
Vulnerability from cvelistv5
Published
2007-07-15 22:00
Modified
2024-08-07 14:28
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Cisco Unified Communications Manager (CUCM, formerly CallManager) and Unified Presence Server (CUPS) allows remote attackers to cause a denial of service (loss of cluster services) via unspecified vectors, aka (1) CSCsj09859 and (2) CSCsj19985.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securitytracker.com/id?1018368 | vdb-entry, x_refsource_SECTRACK | |
| http://www.osvdb.org/36123 | vdb-entry, x_refsource_OSVDB | |
| http://www.cisco.com/warp/public/707/cisco-sa-20070711-voip.shtml | vendor-advisory, x_refsource_CISCO | |
| http://secunia.com/advisories/26039 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/24867 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/35341 | vdb-entry, x_refsource_XF | |
| http://www.vupen.com/english/advisories/2007/2511 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:28:52.296Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1018368",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1018368"
},
{
"name": "36123",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/36123"
},
{
"name": "20070711 Cisco Unified Communications Manager and Presence Server Unauthorized Access Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070711-voip.shtml"
},
{
"name": "26039",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26039"
},
{
"name": "24867",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24867"
},
{
"name": "cisco-callmanager-presence-system-dos(35341)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35341"
},
{
"name": "ADV-2007-2511",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2511"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Cisco Unified Communications Manager (CUCM, formerly CallManager) and Unified Presence Server (CUPS) allows remote attackers to cause a denial of service (loss of cluster services) via unspecified vectors, aka (1) CSCsj09859 and (2) CSCsj19985."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1018368",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1018368"
},
{
"name": "36123",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/36123"
},
{
"name": "20070711 Cisco Unified Communications Manager and Presence Server Unauthorized Access Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070711-voip.shtml"
},
{
"name": "26039",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26039"
},
{
"name": "24867",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24867"
},
{
"name": "cisco-callmanager-presence-system-dos(35341)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35341"
},
{
"name": "ADV-2007-2511",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2511"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3775",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Cisco Unified Communications Manager (CUCM, formerly CallManager) and Unified Presence Server (CUPS) allows remote attackers to cause a denial of service (loss of cluster services) via unspecified vectors, aka (1) CSCsj09859 and (2) CSCsj19985."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1018368",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018368"
},
{
"name": "36123",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/36123"
},
{
"name": "20070711 Cisco Unified Communications Manager and Presence Server Unauthorized Access Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070711-voip.shtml"
},
{
"name": "26039",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26039"
},
{
"name": "24867",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24867"
},
{
"name": "cisco-callmanager-presence-system-dos(35341)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35341"
},
{
"name": "ADV-2007-2511",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2511"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3775",
"datePublished": "2007-07-15T22:00:00",
"dateReserved": "2007-07-15T00:00:00",
"dateUpdated": "2024-08-07T14:28:52.296Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-1242
Vulnerability from cvelistv5
Published
2013-05-10 10:00
Modified
2024-09-17 02:48
Severity ?
EPSS score ?
Summary
Memory leak in the web framework in the server in Cisco Unified Presence (CUP) allows remote attackers to cause a denial of service (memory consumption) via malformed TCP packets, aka Bug ID CSCug38080.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1242 | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:57:05.110Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20130507 Cisco Unified Presence Memory Exhaustion Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1242"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Memory leak in the web framework in the server in Cisco Unified Presence (CUP) allows remote attackers to cause a denial of service (memory consumption) via malformed TCP packets, aka Bug ID CSCug38080."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-05-10T10:00:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20130507 Cisco Unified Presence Memory Exhaustion Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1242"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2013-1242",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Memory leak in the web framework in the server in Cisco Unified Presence (CUP) allows remote attackers to cause a denial of service (memory consumption) via malformed TCP packets, aka Bug ID CSCug38080."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20130507 Cisco Unified Presence Memory Exhaustion Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1242"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2013-1242",
"datePublished": "2013-05-10T10:00:00Z",
"dateReserved": "2013-01-11T00:00:00Z",
"dateUpdated": "2024-09-17T02:48:03.516Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-1834
Vulnerability from cvelistv5
Published
2007-04-03 00:00
Modified
2024-08-07 13:13
Severity ?
EPSS score ?
Summary
Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 before 1.0(3) allow remote attackers to cause a denial of service (loss of voice services) via a flood of ICMP echo requests, aka bug ID CSCsf12698.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securitytracker.com/id?1017826 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2007/1144 | vdb-entry, x_refsource_VUPEN | |
| http://www.cisco.com/warp/public/707/cisco-sa-20070328-voip.shtml | vendor-advisory, x_refsource_CISCO | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/33299 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/23181 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/24690 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:13:40.484Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017826",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017826"
},
{
"name": "ADV-2007-1144",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1144"
},
{
"name": "20070328 Multiple Cisco Unified CallManager and Presence Server Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070328-voip.shtml"
},
{
"name": "cisco-callmanager-presence-icmp-dos(33299)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33299"
},
{
"name": "23181",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23181"
},
{
"name": "24690",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24690"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 before 1.0(3) allow remote attackers to cause a denial of service (loss of voice services) via a flood of ICMP echo requests, aka bug ID CSCsf12698."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1017826",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017826"
},
{
"name": "ADV-2007-1144",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1144"
},
{
"name": "20070328 Multiple Cisco Unified CallManager and Presence Server Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070328-voip.shtml"
},
{
"name": "cisco-callmanager-presence-icmp-dos(33299)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33299"
},
{
"name": "23181",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23181"
},
{
"name": "24690",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24690"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1834",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 before 1.0(3) allow remote attackers to cause a denial of service (loss of voice services) via a flood of ICMP echo requests, aka bug ID CSCsf12698."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017826",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017826"
},
{
"name": "ADV-2007-1144",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1144"
},
{
"name": "20070328 Multiple Cisco Unified CallManager and Presence Server Denial of Service Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070328-voip.shtml"
},
{
"name": "cisco-callmanager-presence-icmp-dos(33299)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33299"
},
{
"name": "23181",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23181"
},
{
"name": "24690",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24690"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1834",
"datePublished": "2007-04-03T00:00:00",
"dateReserved": "2007-04-02T00:00:00",
"dateUpdated": "2024-08-07T13:13:40.484Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-1158
Vulnerability from cvelistv5
Published
2008-05-16 06:54
Modified
2024-08-07 08:08
Severity ?
EPSS score ?
Summary
The Presence Engine (PE) service in Cisco Unified Presence before 6.0(1) allows remote attackers to cause a denial of service (core dump and service interruption) via malformed packets, aka Bug ID CSCsh50164.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/29219 | vdb-entry, x_refsource_BID | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080995682.shtml | vendor-advisory, x_refsource_CISCO | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/42412 | vdb-entry, x_refsource_XF | |
| http://www.vupen.com/english/advisories/2008/1534 | vdb-entry, x_refsource_VUPEN | |
| http://securitytracker.com/id?1020023 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/30240 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:08:57.730Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "29219",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29219"
},
{
"name": "20080514 Cisco Unified Presence Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080995682.shtml"
},
{
"name": "cisco-unifiedpresence-presenceengine-dos(42412)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42412"
},
{
"name": "ADV-2008-1534",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1534"
},
{
"name": "1020023",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1020023"
},
{
"name": "30240",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30240"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-05-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Presence Engine (PE) service in Cisco Unified Presence before 6.0(1) allows remote attackers to cause a denial of service (core dump and service interruption) via malformed packets, aka Bug ID CSCsh50164."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "29219",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29219"
},
{
"name": "20080514 Cisco Unified Presence Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080995682.shtml"
},
{
"name": "cisco-unifiedpresence-presenceengine-dos(42412)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42412"
},
{
"name": "ADV-2008-1534",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1534"
},
{
"name": "1020023",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1020023"
},
{
"name": "30240",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30240"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2008-1158",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Presence Engine (PE) service in Cisco Unified Presence before 6.0(1) allows remote attackers to cause a denial of service (core dump and service interruption) via malformed packets, aka Bug ID CSCsh50164."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "29219",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29219"
},
{
"name": "20080514 Cisco Unified Presence Denial of Service Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080995682.shtml"
},
{
"name": "cisco-unifiedpresence-presenceengine-dos(42412)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42412"
},
{
"name": "ADV-2008-1534",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1534"
},
{
"name": "1020023",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1020023"
},
{
"name": "30240",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30240"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2008-1158",
"datePublished": "2008-05-16T06:54:00",
"dateReserved": "2008-03-05T00:00:00",
"dateUpdated": "2024-08-07T08:08:57.730Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-5553
Vulnerability from cvelistv5
Published
2006-10-26 17:00
Modified
2024-08-07 19:55
Severity ?
EPSS score ?
Summary
Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 5.0 before 5.0.0.193, as used by Unified CallManager (CUCM) and Unified Presence Server (CUPS), allows remote attackers to cause a denial of service (resource consumption) via a port scan with certain options.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securitytracker.com/id?1017118 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/20737 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/29829 | vdb-entry, x_refsource_XF | |
| http://www.osvdb.org/30055 | vdb-entry, x_refsource_OSVDB | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a00807693c7.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.vupen.com/english/advisories/2006/4198 | vdb-entry, x_refsource_VUPEN | |
| http://secunia.com/advisories/22574 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:55:53.339Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017118",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017118"
},
{
"name": "20737",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20737"
},
{
"name": "csa-port-scan-dos(29829)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29829"
},
{
"name": "30055",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/30055"
},
{
"name": "20061025 Cisco Security Agent for Linux Port Scan Denial of Service",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807693c7.shtml"
},
{
"name": "ADV-2006-4198",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4198"
},
{
"name": "22574",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22574"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-10-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 5.0 before 5.0.0.193, as used by Unified CallManager (CUCM) and Unified Presence Server (CUPS), allows remote attackers to cause a denial of service (resource consumption) via a port scan with certain options."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1017118",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017118"
},
{
"name": "20737",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20737"
},
{
"name": "csa-port-scan-dos(29829)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29829"
},
{
"name": "30055",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/30055"
},
{
"name": "20061025 Cisco Security Agent for Linux Port Scan Denial of Service",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807693c7.shtml"
},
{
"name": "ADV-2006-4198",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4198"
},
{
"name": "22574",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22574"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5553",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 5.0 before 5.0.0.193, as used by Unified CallManager (CUCM) and Unified Presence Server (CUPS), allows remote attackers to cause a denial of service (resource consumption) via a port scan with certain options."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017118",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017118"
},
{
"name": "20737",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20737"
},
{
"name": "csa-port-scan-dos(29829)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29829"
},
{
"name": "30055",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/30055"
},
{
"name": "20061025 Cisco Security Agent for Linux Port Scan Denial of Service",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807693c7.shtml"
},
{
"name": "ADV-2006-4198",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4198"
},
{
"name": "22574",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22574"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5553",
"datePublished": "2006-10-26T17:00:00",
"dateReserved": "2006-10-26T00:00:00",
"dateUpdated": "2024-08-07T19:55:53.339Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-3328
Vulnerability from cvelistv5
Published
2014-07-26 10:00
Modified
2024-08-06 10:43
Severity ?
EPSS score ?
Summary
The Intercluster Sync Agent Service in Cisco Unified Presence Server allows remote attackers to cause a denial of service via a TCP SYN flood, aka Bug ID CSCun34125.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/68901 | vdb-entry, x_refsource_BID | |
| http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3328 | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id/1030643 | vdb-entry, x_refsource_SECTRACK | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/94879 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:43:04.988Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "68901",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/68901"
},
{
"name": "20140725 Cisco Unified Presence Server Sync Agent Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3328"
},
{
"name": "1030643",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030643"
},
{
"name": "cisco-ups-cve20143328-dos(94879)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94879"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-07-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Intercluster Sync Agent Service in Cisco Unified Presence Server allows remote attackers to cause a denial of service via a TCP SYN flood, aka Bug ID CSCun34125."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "68901",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/68901"
},
{
"name": "20140725 Cisco Unified Presence Server Sync Agent Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3328"
},
{
"name": "1030643",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030643"
},
{
"name": "cisco-ups-cve20143328-dos(94879)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94879"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2014-3328",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Intercluster Sync Agent Service in Cisco Unified Presence Server allows remote attackers to cause a denial of service via a TCP SYN flood, aka Bug ID CSCun34125."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "68901",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68901"
},
{
"name": "20140725 Cisco Unified Presence Server Sync Agent Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3328"
},
{
"name": "1030643",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030643"
},
{
"name": "cisco-ups-cve20143328-dos(94879)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94879"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2014-3328",
"datePublished": "2014-07-26T10:00:00",
"dateReserved": "2014-05-07T00:00:00",
"dateUpdated": "2024-08-06T10:43:04.988Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-2839
Vulnerability from cvelistv5
Published
2010-08-26 20:00
Modified
2024-08-07 02:46
Severity ?
EPSS score ?
Summary
SIPD in Cisco Unified Presence 6.x before 6.0(7) and 7.x before 7.0(8) allows remote attackers to cause a denial of service (stack memory corruption and process failure) via a malformed SIP message, aka Bug ID CSCtd14474.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vupen.com/english/advisories/2010/2186 | vdb-entry, x_refsource_VUPEN | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080b43909.shtml | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:46:48.191Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2010-2186",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2186"
},
{
"name": "20100825 Cisco Unified Presence Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b43909.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-08-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SIPD in Cisco Unified Presence 6.x before 6.0(7) and 7.x before 7.0(8) allows remote attackers to cause a denial of service (stack memory corruption and process failure) via a malformed SIP message, aka Bug ID CSCtd14474."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-09-09T09:00:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "ADV-2010-2186",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2186"
},
{
"name": "20100825 Cisco Unified Presence Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b43909.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2010-2839",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SIPD in Cisco Unified Presence 6.x before 6.0(7) and 7.x before 7.0(8) allows remote attackers to cause a denial of service (stack memory corruption and process failure) via a malformed SIP message, aka Bug ID CSCtd14474."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2010-2186",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2186"
},
{
"name": "20100825 Cisco Unified Presence Denial of Service Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b43909.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2010-2839",
"datePublished": "2010-08-26T20:00:00",
"dateReserved": "2010-07-23T00:00:00",
"dateUpdated": "2024-08-07T02:46:48.191Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-1137
Vulnerability from cvelistv5
Published
2013-02-27 21:00
Modified
2024-09-16 22:25
Severity ?
EPSS score ?
Summary
Cisco Unified Presence Server (CUPS) 8.6, 9.0, and 9.1 before 9.1.1 allows remote attackers to cause a denial of service (CPU consumption) via crafted packets to the SIP TCP port, aka Bug ID CSCua89930.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130227-cups | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:49:20.802Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20130227 Cisco Unified Presence Server Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130227-cups"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cisco Unified Presence Server (CUPS) 8.6, 9.0, and 9.1 before 9.1.1 allows remote attackers to cause a denial of service (CPU consumption) via crafted packets to the SIP TCP port, aka Bug ID CSCua89930."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-02-27T21:00:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20130227 Cisco Unified Presence Server Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130227-cups"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2013-1137",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Unified Presence Server (CUPS) 8.6, 9.0, and 9.1 before 9.1.1 allows remote attackers to cause a denial of service (CPU consumption) via crafted packets to the SIP TCP port, aka Bug ID CSCua89930."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20130227 Cisco Unified Presence Server Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130227-cups"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2013-1137",
"datePublished": "2013-02-27T21:00:00Z",
"dateReserved": "2013-01-11T00:00:00Z",
"dateUpdated": "2024-09-16T22:25:52.067Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-4220
Vulnerability from cvelistv5
Published
2015-06-25 16:00
Modified
2024-08-06 06:11
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in Cisco Unified Presence Server 9.1(1) allows remote attackers to inject arbitrary web script or HTML via an unspecified value, aka Bug ID CSCuq03773.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/75407 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1032717 | vdb-entry, x_refsource_SECTRACK | |
| http://tools.cisco.com/security/center/viewAlert.x?alertId=39504 | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:11:11.728Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "75407",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75407"
},
{
"name": "1032717",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032717"
},
{
"name": "20150624 Cisco Unified Presence Server Cross-Site Scripting Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39504"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Cisco Unified Presence Server 9.1(1) allows remote attackers to inject arbitrary web script or HTML via an unspecified value, aka Bug ID CSCuq03773."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-23T18:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "75407",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75407"
},
{
"name": "1032717",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032717"
},
{
"name": "20150624 Cisco Unified Presence Server Cross-Site Scripting Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39504"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-4220",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in Cisco Unified Presence Server 9.1(1) allows remote attackers to inject arbitrary web script or HTML via an unspecified value, aka Bug ID CSCuq03773."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "75407",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75407"
},
{
"name": "1032717",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032717"
},
{
"name": "20150624 Cisco Unified Presence Server Cross-Site Scripting Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39504"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2015-4220",
"datePublished": "2015-06-25T16:00:00",
"dateReserved": "2015-06-04T00:00:00",
"dateUpdated": "2024-08-06T06:11:11.728Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-3339
Vulnerability from cvelistv5
Published
2014-08-12 23:00
Modified
2024-08-06 10:43
Severity ?
EPSS score ?
Summary
Multiple SQL injection vulnerabilities in the administrative web interface in Cisco Unified Communications Manager (CM) and Cisco Unified Presence Server (CUPS) allow remote authenticated users to execute arbitrary SQL commands via crafted input to unspecified pages, aka Bug ID CSCup74290.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3339 | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/69200 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/95250 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:43:05.232Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20140812 Cisco Unified Communications Manager and Cisco Unified Presence Server SQL Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3339"
},
{
"name": "69200",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/69200"
},
{
"name": "cucm-cups-cve20143339-sql-injection(95250)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95250"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-08-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple SQL injection vulnerabilities in the administrative web interface in Cisco Unified Communications Manager (CM) and Cisco Unified Presence Server (CUPS) allow remote authenticated users to execute arbitrary SQL commands via crafted input to unspecified pages, aka Bug ID CSCup74290."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20140812 Cisco Unified Communications Manager and Cisco Unified Presence Server SQL Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3339"
},
{
"name": "69200",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/69200"
},
{
"name": "cucm-cups-cve20143339-sql-injection(95250)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95250"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2014-3339",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in the administrative web interface in Cisco Unified Communications Manager (CM) and Cisco Unified Presence Server (CUPS) allow remote authenticated users to execute arbitrary SQL commands via crafted input to unspecified pages, aka Bug ID CSCup74290."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20140812 Cisco Unified Communications Manager and Cisco Unified Presence Server SQL Injection Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3339"
},
{
"name": "69200",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69200"
},
{
"name": "cucm-cups-cve20143339-sql-injection(95250)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95250"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2014-3339",
"datePublished": "2014-08-12T23:00:00",
"dateReserved": "2014-05-07T00:00:00",
"dateUpdated": "2024-08-06T10:43:05.232Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-1643
Vulnerability from cvelistv5
Published
2011-08-29 15:00
Modified
2024-09-17 00:10
Severity ?
EPSS score ?
Summary
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x, 7.x before 7.1(5b)su4, 8.0, and 8.5 before 8.5(1)su2 and Cisco Unified Presence Server 6.x, 7.x, 8.0, and 8.5 before 8.5xnr allow remote attackers to read database data by connecting to a query interface through an SSL session, aka Bug IDs CSCti81574, CSCto63060, CSCto72183, and CSCto73833.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8f532.shtml | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:37:24.118Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20110824 Open Query Interface in Cisco Unified Communications Manager and Cisco Unified Presence Server",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8f532.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x, 7.x before 7.1(5b)su4, 8.0, and 8.5 before 8.5(1)su2 and Cisco Unified Presence Server 6.x, 7.x, 8.0, and 8.5 before 8.5xnr allow remote attackers to read database data by connecting to a query interface through an SSL session, aka Bug IDs CSCti81574, CSCto63060, CSCto72183, and CSCto73833."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-08-29T15:00:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20110824 Open Query Interface in Cisco Unified Communications Manager and Cisco Unified Presence Server",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8f532.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2011-1643",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x, 7.x before 7.1(5b)su4, 8.0, and 8.5 before 8.5(1)su2 and Cisco Unified Presence Server 6.x, 7.x, 8.0, and 8.5 before 8.5xnr allow remote attackers to read database data by connecting to a query interface through an SSL session, aka Bug IDs CSCti81574, CSCto63060, CSCto72183, and CSCto73833."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20110824 Open Query Interface in Cisco Unified Communications Manager and Cisco Unified Presence Server",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8f532.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2011-1643",
"datePublished": "2011-08-29T15:00:00Z",
"dateReserved": "2011-04-05T00:00:00Z",
"dateUpdated": "2024-09-17T00:10:43.000Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-1826
Vulnerability from cvelistv5
Published
2007-04-02 23:00
Modified
2024-08-07 13:13
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the IPSec Manager Service for Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 before 1.0(3) allows remote attackers to cause a denial of service (loss of cluster services) via a "specific UDP packet" to UDP port 8500, aka bug ID CSCsg60949.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securitytracker.com/id?1017826 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2007/1144 | vdb-entry, x_refsource_VUPEN | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/33302 | vdb-entry, x_refsource_XF | |
| http://www.cisco.com/warp/public/707/cisco-sa-20070328-voip.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/23181 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/24690 | third-party-advisory, x_refsource_SECUNIA | |
| http://osvdb.org/34919 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:13:40.589Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017826",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017826"
},
{
"name": "ADV-2007-1144",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1144"
},
{
"name": "cisco-callmanager-presence-ipsec-dos(33302)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33302"
},
{
"name": "20070328 Multiple Cisco Unified CallManager and Presence Server Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070328-voip.shtml"
},
{
"name": "23181",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23181"
},
{
"name": "24690",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24690"
},
{
"name": "34919",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/34919"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the IPSec Manager Service for Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 before 1.0(3) allows remote attackers to cause a denial of service (loss of cluster services) via a \"specific UDP packet\" to UDP port 8500, aka bug ID CSCsg60949."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1017826",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017826"
},
{
"name": "ADV-2007-1144",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1144"
},
{
"name": "cisco-callmanager-presence-ipsec-dos(33302)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33302"
},
{
"name": "20070328 Multiple Cisco Unified CallManager and Presence Server Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070328-voip.shtml"
},
{
"name": "23181",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23181"
},
{
"name": "24690",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24690"
},
{
"name": "34919",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/34919"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1826",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the IPSec Manager Service for Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 before 1.0(3) allows remote attackers to cause a denial of service (loss of cluster services) via a \"specific UDP packet\" to UDP port 8500, aka bug ID CSCsg60949."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017826",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017826"
},
{
"name": "ADV-2007-1144",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1144"
},
{
"name": "cisco-callmanager-presence-ipsec-dos(33302)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33302"
},
{
"name": "20070328 Multiple Cisco Unified CallManager and Presence Server Denial of Service Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070328-voip.shtml"
},
{
"name": "23181",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23181"
},
{
"name": "24690",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24690"
},
{
"name": "34919",
"refsource": "OSVDB",
"url": "http://osvdb.org/34919"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1826",
"datePublished": "2007-04-02T23:00:00",
"dateReserved": "2007-04-02T00:00:00",
"dateUpdated": "2024-08-07T13:13:40.589Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2007-04-02 23:19
Modified
2024-11-21 00:29
Severity ?
Summary
Unspecified vulnerability in the IPSec Manager Service for Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 before 1.0(3) allows remote attackers to cause a denial of service (loss of cluster services) via a "specific UDP packet" to UDP port 8500, aka bug ID CSCsg60949.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | unified_callmanager | 5.0 | |
| cisco | unified_callmanager | 5.0\(1\) | |
| cisco | unified_callmanager | 5.0\(2\) | |
| cisco | unified_callmanager | 5.0\(3\) | |
| cisco | unified_callmanager | 5.0\(3a\) | |
| cisco | unified_callmanager | 5.0\(4\) | |
| cisco | unified_presence_server | 1.0 | |
| cisco | unified_presence_server | 1.0\(1\) | |
| cisco | unified_presence_server | 1.0\(2\) |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "37FEF567-5F92-40BB-8581-3FCF584AAA1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C5865997-F8B2-4ABB-96DF-3AE691A7CE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E9211420-9F35-4872-879A-5F7CA29C6299",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D7DD4B55-4C68-45CD-988E-D470C26E5E71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "48C1B081-1FD7-4BBD-84BD-E1E5F80C74FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BC32C417-3E61-4892-9A42-C31C6D62F09D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F897DA4-E313-45C8-A4FB-52404D6541BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:1.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "22B299D9-A18B-41D9-B976-57AFDAA751DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:1.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CDA3BA5D-2CEB-4AAC-8CB4-4A2CDC574076",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the IPSec Manager Service for Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 before 1.0(3) allows remote attackers to cause a denial of service (loss of cluster services) via a \"specific UDP packet\" to UDP port 8500, aka bug ID CSCsg60949."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en en el servicio IPSec Manager para Cisco Unified CallManager (CUCM) 5.0 anterior a 5.0(4a)SU1 y Cisco Unified Presence Server (CUPS) 1.0 anterior a 1.0(3) permite a atacantes remotos provocar una denegaci\u00f3n de servicio (p\u00e9rdida de servicios de cl\u00faster) mediante un \"paquete UDP espec\u00edfico\" al puerto UDP 8500, tambi\u00e9n conocido como bug ID CSCSG60949."
}
],
"id": "CVE-2007-1826",
"lastModified": "2024-11-21T00:29:14.960",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-04-02T23:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/34919"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24690"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1017826"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070328-voip.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/23181"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1144"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33302"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/34919"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24690"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1017826"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070328-voip.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/23181"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1144"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33302"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-08-12 23:55
Modified
2024-11-21 02:07
Severity ?
Summary
Multiple SQL injection vulnerabilities in the administrative web interface in Cisco Unified Communications Manager (CM) and Cisco Unified Presence Server (CUPS) allow remote authenticated users to execute arbitrary SQL commands via crafted input to unspecified pages, aka Bug ID CSCup74290.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | unified_communications_domain_manager | - | |
| cisco | unified_presence_server | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_communications_domain_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FAC05C99-071F-47E7-A3B6-899488520663",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D3C9AF1-A2BF-4F56-BE38-ED6DC45E94E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple SQL injection vulnerabilities in the administrative web interface in Cisco Unified Communications Manager (CM) and Cisco Unified Presence Server (CUPS) allow remote authenticated users to execute arbitrary SQL commands via crafted input to unspecified pages, aka Bug ID CSCup74290."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de inyecci\u00f3n SQL en la interfaz del web de administraci\u00f3n en Cisco Unified Communications Manager (CM) y Cisco Unified Presence Server (CUPS) permiten a usuarios remotos autenticados ejecutar comandos SQL arbitrarios a trav\u00e9s de entradas manipuladas en p\u00e1ginas no especificadas, tambi\u00e9n conocido como Bug ID CSCup74290."
}
],
"id": "CVE-2014-3339",
"lastModified": "2024-11-21T02:07:53.813",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-08-12T23:55:03.957",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3339"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/69200"
},
{
"source": "ykramarz@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95250"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3339"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/69200"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95250"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-02-27 21:55
Modified
2024-11-21 01:48
Severity ?
Summary
Cisco Unified Presence Server (CUPS) 8.6, 9.0, and 9.1 before 9.1.1 allows remote attackers to cause a denial of service (CPU consumption) via crafted packets to the SIP TCP port, aka Bug ID CSCua89930.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | unified_presence_server | 8.6 | |
| cisco | unified_presence_server | 9.0 | |
| cisco | unified_presence_server | 9.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "130C0F92-12E1-4503-B870-633AB3BF4067",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3BB3ADDF-ED23-4FF8-959F-868394821FFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B2641314-DEC0-4AFA-8395-7D0B7241E8BA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco Unified Presence Server (CUPS) 8.6, 9.0, and 9.1 before 9.1.1 allows remote attackers to cause a denial of service (CPU consumption) via crafted packets to the SIP TCP port, aka Bug ID CSCua89930."
},
{
"lang": "es",
"value": "Cisco Unified Presence Server (CUPS) v8.6, v9.0 y v9.1 antes de v9.1.1 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (consumo de CPU) a trav\u00e9s de paquetes dise\u00f1ados al puerto SIP TCP, conocido como Bug ID CSCua89930."
}
],
"id": "CVE-2013-1137",
"lastModified": "2024-11-21T01:48:58.390",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-02-27T21:55:04.293",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130227-cups"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130227-cups"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-12-31 15:16
Modified
2024-11-21 02:00
Severity ?
Summary
SQL injection vulnerability in the web interface in Cisco Unified Presence Server allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCuh35615.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | unified_presence_server | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D3C9AF1-A2BF-4F56-BE38-ED6DC45E94E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in the web interface in Cisco Unified Presence Server allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCuh35615."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n SQL en la interfaz web de Cisco Unified Presence Server permite a los usuarios remotos autenticados ejecutar comandos SQL a trav\u00e9s de una URL manipulada, tambi\u00e9n conocido como Bug ID CSCuh35615."
}
],
"id": "CVE-2013-6983",
"lastModified": "2024-11-21T02:00:06.293",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-12-31T15:16:44.643",
"references": [
{
"source": "ykramarz@cisco.com",
"url": "http://osvdb.org/101514"
},
{
"source": "ykramarz@cisco.com",
"url": "http://secunia.com/advisories/56273"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6983"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/64551"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029547"
},
{
"source": "ykramarz@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/101514"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/56273"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6983"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/64551"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029547"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90011"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-07-15 22:30
Modified
2024-11-21 00:34
Severity ?
Summary
Unspecified vulnerability in Cisco Unified Communications Manager (CUCM, formerly CallManager) and Unified Presence Server (CUPS) allows remote attackers to cause a denial of service (loss of cluster services) via unspecified vectors, aka (1) CSCsj09859 and (2) CSCsj19985.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | unified_communications_manager | 5.0 | |
| cisco | unified_communications_manager | 5.1\(1\) | |
| cisco | unified_communications_manager | 5.1\(2\) | |
| cisco | unified_presence_server | 1.0 | |
| cisco | unified_presence_server | 1.0\(1\) | |
| cisco | unified_presence_server | 1.0\(2\) | |
| cisco | unified_presence_server | 1.0\(3\) |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B2AF68FA-433F-46F2-B309-B60A108BECFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1B9FDFF3-2E60-4E41-9251-93283D945D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "239510AD-8BB0-4515-B1DA-80DE696D25DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F897DA4-E313-45C8-A4FB-52404D6541BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:1.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "22B299D9-A18B-41D9-B976-57AFDAA751DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:1.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CDA3BA5D-2CEB-4AAC-8CB4-4A2CDC574076",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:1.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9465A4F0-44C0-4A43-962E-0CCEADA05533",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Cisco Unified Communications Manager (CUCM, formerly CallManager) and Unified Presence Server (CUPS) allows remote attackers to cause a denial of service (loss of cluster services) via unspecified vectors, aka (1) CSCsj09859 and (2) CSCsj19985."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Cisco Unified Communications Manager (CUCM, antiguamente CallManager) y Unified Presence Server (CUPS) permite a atacantes remotos provocar una denegaci\u00f3n de servicio (p\u00e9rdida de servicios de cl\u00faster) mediante vectores no especificados, tambi\u00e9n conocido como (1) CSCsj09859 y (2) CSCsj19985."
}
],
"id": "CVE-2007-3775",
"lastModified": "2024-11-21T00:34:02.170",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-07-15T22:30:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/26039"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1018368"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070711-voip.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/36123"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/24867"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/2511"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35341"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26039"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1018368"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070711-voip.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/36123"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/24867"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/2511"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35341"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-05-10 11:42
Modified
2024-11-21 01:49
Severity ?
Summary
Memory leak in the web framework in the server in Cisco Unified Presence (CUP) allows remote attackers to cause a denial of service (memory consumption) via malformed TCP packets, aka Bug ID CSCug38080.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | unified_presence_server | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D3C9AF1-A2BF-4F56-BE38-ED6DC45E94E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Memory leak in the web framework in the server in Cisco Unified Presence (CUP) allows remote attackers to cause a denial of service (memory consumption) via malformed TCP packets, aka Bug ID CSCug38080."
},
{
"lang": "es",
"value": "Fuga de memoria en el framework web en el servidor de Cisco Unified Presence (CUP) permite a atacantes remotos provocar una denegaci\u00f3n de servicio (consumo de memoria), a trav\u00e9s de paquetes TCP mal formados, tambi\u00e9n conocido como Bug ID CSCug38080."
}
],
"id": "CVE-2013-1242",
"lastModified": "2024-11-21T01:49:10.613",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-05-10T11:42:30.143",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1242"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1242"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-05-16 12:54
Modified
2024-11-21 00:43
Severity ?
Summary
The Presence Engine (PE) service in Cisco Unified Presence before 6.0(1) allows remote attackers to cause a denial of service (core dump and service interruption) via malformed packets, aka Bug ID CSCsh50164.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | unified_presence | 6.0 | |
| cisco | unified_presence_server | 1.0 | |
| cisco | unified_presence_server | 1.0\(1\) | |
| cisco | unified_presence_server | 1.0\(2\) | |
| cisco | unified_presence_server | 1.0\(3\) |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_presence:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9C9B1A89-6A54-4BA7-9980-3EB46C650FFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F897DA4-E313-45C8-A4FB-52404D6541BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:1.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "22B299D9-A18B-41D9-B976-57AFDAA751DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:1.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CDA3BA5D-2CEB-4AAC-8CB4-4A2CDC574076",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:1.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9465A4F0-44C0-4A43-962E-0CCEADA05533",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Presence Engine (PE) service in Cisco Unified Presence before 6.0(1) allows remote attackers to cause a denial of service (core dump and service interruption) via malformed packets, aka Bug ID CSCsh50164."
},
{
"lang": "es",
"value": "El servicio Presence Engine (PE) de Cisco Unified Presence versiones anteriores a 6.0(1) permite a atacantes remotos provocar una denegaci\u00f3n de servicio (core dump e interrupci\u00f3n del servicio) a trav\u00e9s de paquetes malformados, tambi\u00e9n conocido como Bug ID CSCsh50164."
}
],
"id": "CVE-2008-1158",
"lastModified": "2024-11-21T00:43:48.890",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-05-16T12:54:00.000",
"references": [
{
"source": "ykramarz@cisco.com",
"url": "http://secunia.com/advisories/30240"
},
{
"source": "ykramarz@cisco.com",
"url": "http://securitytracker.com/id?1020023"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080995682.shtml"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/29219"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.vupen.com/english/advisories/2008/1534"
},
{
"source": "ykramarz@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42412"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/30240"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1020023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080995682.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/29219"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1534"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42412"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-06-25 16:59
Modified
2024-11-21 02:30
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in Cisco Unified Presence Server 9.1(1) allows remote attackers to inject arbitrary web script or HTML via an unspecified value, aka Bug ID CSCuq03773.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://tools.cisco.com/security/center/viewAlert.x?alertId=39504 | Vendor Advisory | |
| ykramarz@cisco.com | http://www.securityfocus.com/bid/75407 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | http://www.securitytracker.com/id/1032717 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tools.cisco.com/security/center/viewAlert.x?alertId=39504 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/75407 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1032717 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | unified_presence_server | 9.1\(1\) |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:9.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "513D7644-BCEE-45F3-9143-FF533C044CCE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in Cisco Unified Presence Server 9.1(1) allows remote attackers to inject arbitrary web script or HTML via an unspecified value, aka Bug ID CSCuq03773."
},
{
"lang": "es",
"value": "Vulnerabilidad de XSS en Cisco Unified Presence Server 9.1(1) permite a atacantes remotos inyectar secuencias de comandos web arbitrarios o HTML a trav\u00e9s de un valor no especificado, tambi\u00e9n conocido como Bug ID CSCuq03773."
}
],
"id": "CVE-2015-4220",
"lastModified": "2024-11-21T02:30:39.610",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2015-06-25T16:59:01.220",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39504"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/75407"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032717"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39504"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/75407"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032717"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-10-26 17:07
Modified
2024-11-21 00:19
Severity ?
Summary
Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 5.0 before 5.0.0.193, as used by Unified CallManager (CUCM) and Unified Presence Server (CUPS), allows remote attackers to cause a denial of service (resource consumption) via a port scan with certain options.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | security_agent | 4.5 | |
| cisco | security_agent | 4.5.1 | |
| cisco | security_agent | 4.5.1.639 | |
| cisco | security_agent | 5.0 | |
| cisco | unified_callmanager | 5.0\(1\) | |
| cisco | unified_callmanager | 5.0\(2\) | |
| cisco | unified_callmanager | 5.0\(3\) | |
| cisco | unified_callmanager | 5.0\(3a\) | |
| cisco | unified_callmanager | 5.0\(4\) | |
| cisco | unified_presence_server | 1.0 | |
| cisco | unified_presence_server | 1.0\(2\) |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:security_agent:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5562E755-E4A3-4656-859A-40757012BE89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:security_agent:4.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "84A1657D-BBC9-4CF5-8F5A-486FAC8B9489",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:security_agent:4.5.1.639:*:*:*:*:*:*:*",
"matchCriteriaId": "14F08C40-7A58-4B0B-A3A1-6F23DB113F22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:security_agent:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E171031D-51C1-41BB-96E4-DFFF0C36B74B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C5865997-F8B2-4ABB-96DF-3AE691A7CE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E9211420-9F35-4872-879A-5F7CA29C6299",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D7DD4B55-4C68-45CD-988E-D470C26E5E71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "48C1B081-1FD7-4BBD-84BD-E1E5F80C74FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BC32C417-3E61-4892-9A42-C31C6D62F09D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F897DA4-E313-45C8-A4FB-52404D6541BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:1.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CDA3BA5D-2CEB-4AAC-8CB4-4A2CDC574076",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 5.0 before 5.0.0.193, as used by Unified CallManager (CUCM) and Unified Presence Server (CUPS), allows remote attackers to cause a denial of service (resource consumption) via a port scan with certain options."
},
{
"lang": "es",
"value": "Cisco Security Agent (CSA) para Linux 4.5 anteriores a 4.5.1.657 y 5.0 anteriores a 5.0.0.193, tal y como se usan en Unified CallManager (CUCM) y Unified Presence Server (CUPS), permite a atacantes remotos provocar una denegaci\u00f3n de servicio (resource consumption) mediante una exploraci\u00f3n de puertos con opciones concretas."
}
],
"evaluatorSolution": "This vulnerability is addressed in the following product updates:\r\nCisco, Unified CallManager, 5.0(4)\r\nCisco, Unified CallManager, 5.0(4a) with CSA COP upgrade\r\nCisco, Unified Presence Server, 1.0(2) with CSA COP upgrade\r\nCisco, Security Agent, 5.0.193\r\nCisco, Security Agent, 4.5.1.657\r\nCisco, Security Agent, 5.1",
"id": "CVE-2006-5553",
"lastModified": "2024-11-21T00:19:42.277",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-10-26T17:07:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/22574"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017118"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807693c7.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/30055"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/20737"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/4198"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29829"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/22574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017118"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807693c7.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/30055"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/20737"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/4198"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29829"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-07-15 22:30
Modified
2024-11-21 00:34
Severity ?
Summary
Cisco Unified Communications Manager (CUCM, formerly CallManager) and Unified Presence Server (CUPS) allow remote attackers to obtain sensitive information via unspecified vectors that reveal the SNMP community strings and configuration settings, aka (1) CSCsj20668 and (2) CSCsj25962.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | unified_communications_manager | 5.0 | |
| cisco | unified_communications_manager | 5.1\(1\) | |
| cisco | unified_communications_manager | 5.1\(2\) | |
| cisco | unified_presence_server | 1.0 | |
| cisco | unified_presence_server | 1.0\(1\) | |
| cisco | unified_presence_server | 1.0\(2\) | |
| cisco | unified_presence_server | 1.0\(3\) |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B2AF68FA-433F-46F2-B309-B60A108BECFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1B9FDFF3-2E60-4E41-9251-93283D945D94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "239510AD-8BB0-4515-B1DA-80DE696D25DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F897DA4-E313-45C8-A4FB-52404D6541BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:1.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "22B299D9-A18B-41D9-B976-57AFDAA751DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:1.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CDA3BA5D-2CEB-4AAC-8CB4-4A2CDC574076",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:1.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9465A4F0-44C0-4A43-962E-0CCEADA05533",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco Unified Communications Manager (CUCM, formerly CallManager) and Unified Presence Server (CUPS) allow remote attackers to obtain sensitive information via unspecified vectors that reveal the SNMP community strings and configuration settings, aka (1) CSCsj20668 and (2) CSCsj25962."
},
{
"lang": "es",
"value": "Cisco Unified Communications Manager (CUCM, antiguamente CallManager) y Unified Presence Server (CUPS) permiten a atacantes remotos obtener informaci\u00f3n sensible a trav\u00e9s de vectores sin especificar que revelan las cadenas de comunidad SNMP y las opciones de configuraci\u00f3n, tambi\u00e9n conocido como (1) CSCsj20668 y (2) CSCsj25962."
}
],
"id": "CVE-2007-3776",
"lastModified": "2024-11-21T00:34:02.313",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-07-15T22:30:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/36124"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/26039"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1018368"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070711-voip.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/24867"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/2511"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35344"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/36124"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26039"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1018368"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070711-voip.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/24867"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/2511"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35344"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-08-26 21:00
Modified
2024-11-21 01:17
Severity ?
Summary
The Presence Engine (PE) service in Cisco Unified Presence 6.x before 6.0(7) and 7.x before 7.0(8) does not properly handle an erroneous Contact field in the header of a SIP SUBSCRIBE message, which allows remote attackers to cause a denial of service (process failure) via a malformed message, aka Bug ID CSCtd39629.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | unified_presence_server | 6.0 | |
| cisco | unified_presence_server | 6.0\(2\) | |
| cisco | unified_presence_server | 6.0\(3\) | |
| cisco | unified_presence_server | 6.0\(4\) | |
| cisco | unified_presence_server | 6.0\(5\) | |
| cisco | unified_presence_server | 6.0\(6\) | |
| cisco | unified_presence_server | 7.0 | |
| cisco | unified_presence_server | 7.0\(2\) | |
| cisco | unified_presence_server | 7.0\(3\) | |
| cisco | unified_presence_server | 7.0\(4\) | |
| cisco | unified_presence_server | 7.0\(5\) | |
| cisco | unified_presence_server | 7.0\(6\) | |
| cisco | unified_presence_server | 7.0\(7\) | |
| cisco | unified_presence_server | 6.0\(2.1101\) | |
| cisco | unified_presence_server | 6.0\(3.1101-2\) | |
| cisco | unified_presence_server | 6.0\(4.1101-5\) | |
| cisco | unified_presence_server | 6.0\(5.1101-1\) | |
| cisco | unified_presence_server | 6.0\(5.1103-2\) | |
| cisco | unified_presence_server | 6.0.5.1102-1 | |
| cisco | unified_presence_server | 7.0.3.10102-3 | |
| cisco | unified_presence_server | 7.0.3.10103-2 | |
| cisco | unified_presence_server | 7.0.4.10101-2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6D9CEBA2-160F-4303-9C1D-C7BD7E758CFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:6.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A704B14E-EC47-47E5-8AA1-35E0138B6A69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:6.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6F95246B-7822-4077-BC9C-3E1C0B02C139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:6.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A5D01D8A-9F92-4900-941C-0B481D277D95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:6.0\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E72DE400-8ACA-4D01-8BBE-7F13959F4DDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:6.0\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F049CAA8-6FA8-4642-910C-70C8D3CEAF96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1706BFD4-817A-4BA2-8B3B-60CDF1F54A16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:7.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8B9C5872-317C-4A68-8E99-DEB224BAE607",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:7.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D6F4FC53-3627-4826-8CFC-BEEBCB8CEC87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:7.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8BACEF63-F22A-4B39-84AE-A950AC024EB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:7.0\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "703C2FA6-B723-41B1-BEA3-87AABD6F85DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:7.0\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "80D0D477-4976-45FB-A089-5C19119D2BC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:7.0\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0398D739-6A84-4817-AFD0-80A4513F1AD4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:6.0\\(2.1101\\):*:*:*:*:*:*:*",
"matchCriteriaId": "33A4FA6A-D37D-465D-921A-51E429A30537",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:6.0\\(3.1101-2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BDE292F1-2F4F-40BE-9E2A-E3F1C55857EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:6.0\\(4.1101-5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B709CF6E-C148-4AD6-962B-A1055396DC8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:6.0\\(5.1101-1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0B64ACB1-C4E5-48B9-8747-4F7AFA6955A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:6.0\\(5.1103-2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3AB3FB41-7A7B-4342-9ED2-27ACDD29E5D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:6.0.5.1102-1:*:*:*:*:*:*:*",
"matchCriteriaId": "A81DC553-FFAB-4D13-8484-E174CA918D23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:7.0.3.10102-3:*:*:*:*:*:*:*",
"matchCriteriaId": "ED42650B-EDED-4CC5-BA26-D179E7F25177",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:7.0.3.10103-2:*:*:*:*:*:*:*",
"matchCriteriaId": "B734482D-2E7E-4A4B-BB3C-3ABC2EB8FD50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:7.0.4.10101-2:*:*:*:*:*:*:*",
"matchCriteriaId": "EE3D3770-3C99-4FCF-9B42-727A40D6062F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Presence Engine (PE) service in Cisco Unified Presence 6.x before 6.0(7) and 7.x before 7.0(8) does not properly handle an erroneous Contact field in the header of a SIP SUBSCRIBE message, which allows remote attackers to cause a denial of service (process failure) via a malformed message, aka Bug ID CSCtd39629."
},
{
"lang": "es",
"value": "El servicio Presence Engine (PE) en Cisco Unified Presence v6.x anterior a v6.0(7) y v7.x anterior a v7.0(8), no maneja apropiadamente un campo \"Contact\" err\u00f3neo en la cabecera de un mensaje SIP SUSCRIBE, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (fallo del proceso) a trav\u00e9s de un mensaje mal formado. Tambi\u00e9n conocido como Bug ID CSCtd39629."
}
],
"id": "CVE-2010-2840",
"lastModified": "2024-11-21T01:17:28.530",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-08-26T21:00:01.577",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b43909.shtml"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.vupen.com/english/advisories/2010/2186"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b43909.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2010/2186"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-07-26 11:11
Modified
2024-11-21 02:07
Severity ?
Summary
The Intercluster Sync Agent Service in Cisco Unified Presence Server allows remote attackers to cause a denial of service via a TCP SYN flood, aka Bug ID CSCun34125.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3328 | Vendor Advisory | |
| ykramarz@cisco.com | http://www.securityfocus.com/bid/68901 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | http://www.securitytracker.com/id/1030643 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/94879 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3328 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/68901 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1030643 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/94879 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | unified_presence_server | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D3C9AF1-A2BF-4F56-BE38-ED6DC45E94E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Intercluster Sync Agent Service in Cisco Unified Presence Server allows remote attackers to cause a denial of service via a TCP SYN flood, aka Bug ID CSCun34125."
},
{
"lang": "es",
"value": "Intercluster Sync Agent Service en Cisco Unified Presence Server permite a atacantes remotos causar una denegaci\u00f3n de servicio a trav\u00e9s de una inundaci\u00f3n de paquetes TCP SYN, tambi\u00e9n conocido como Bug ID CSCun34125."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/400.html\" target=\"_blank\"\u003eCWE-400: Uncontrolled Resource Consumption (\u0027Resource Exhaustion\u0027)\u003c/a\u003e",
"id": "CVE-2014-3328",
"lastModified": "2024-11-21T02:07:52.583",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-07-26T11:11:57.270",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3328"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/68901"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1030643"
},
{
"source": "ykramarz@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94879"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3328"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/68901"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1030643"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94879"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-10-16 16:30
Modified
2024-11-21 01:05
Severity ?
Summary
The TimesTenD process in Cisco Unified Presence 1.x, 6.x before 6.0(6), and 7.x before 7.0(4) allows remote attackers to cause a denial of service (process crash) via a large number of TCP connections to ports 16200 and 22794, aka Bug ID CSCsy17662.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | unified_presence_server | 1.0 | |
| cisco | unified_presence_server | 1.0\(1\) | |
| cisco | unified_presence_server | 1.0\(2\) | |
| cisco | unified_presence_server | 1.0\(3\) | |
| cisco | unified_presence_server | 6.0 | |
| cisco | unified_presence_server | 6.0\(2\) | |
| cisco | unified_presence_server | 6.0\(3\) | |
| cisco | unified_presence_server | 6.0\(4\) | |
| cisco | unified_presence_server | 6.0\(5\) | |
| cisco | unified_presence_server | 7.0 | |
| cisco | unified_presence_server | 7.0\(2\) | |
| cisco | unified_presence_server | 7.0\(3\) |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F897DA4-E313-45C8-A4FB-52404D6541BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:1.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "22B299D9-A18B-41D9-B976-57AFDAA751DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:1.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CDA3BA5D-2CEB-4AAC-8CB4-4A2CDC574076",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:1.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9465A4F0-44C0-4A43-962E-0CCEADA05533",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6D9CEBA2-160F-4303-9C1D-C7BD7E758CFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:6.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A704B14E-EC47-47E5-8AA1-35E0138B6A69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:6.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6F95246B-7822-4077-BC9C-3E1C0B02C139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:6.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A5D01D8A-9F92-4900-941C-0B481D277D95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:6.0\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E72DE400-8ACA-4D01-8BBE-7F13959F4DDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1706BFD4-817A-4BA2-8B3B-60CDF1F54A16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:7.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8B9C5872-317C-4A68-8E99-DEB224BAE607",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:7.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D6F4FC53-3627-4826-8CFC-BEEBCB8CEC87",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The TimesTenD process in Cisco Unified Presence 1.x, 6.x before 6.0(6), and 7.x before 7.0(4) allows remote attackers to cause a denial of service (process crash) via a large number of TCP connections to ports 16200 and 22794, aka Bug ID CSCsy17662."
},
{
"lang": "es",
"value": "El proceso TimesTenD en Cisco Unified Presence v1.x, v6.x anterior a v6.0(6), y v7.x anterior a v7.0(4), permite a atacantes remotos causar una denegaci\u00f3n de servicio (cuelgue de proceso) a trav\u00e9s de un gran n\u00famero de conexiones TCP a los puertos 16200 y 22794, tambi\u00e9n conocido como Bug ID CSCsy17662."
}
],
"id": "CVE-2009-2874",
"lastModified": "2024-11-21T01:05:57.250",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-10-16T16:30:00.640",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37039"
},
{
"source": "ykramarz@cisco.com",
"url": "http://securitytracker.com/id?1023018"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080afc930.shtml"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/36675"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/2915"
},
{
"source": "ykramarz@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53772"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37039"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1023018"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080afc930.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/36675"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/2915"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53772"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-08-29 15:55
Modified
2024-11-21 01:26
Severity ?
Summary
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x, 7.x before 7.1(5b)su4, 8.0, and 8.5 before 8.5(1)su2 and Cisco Unified Presence Server 6.x, 7.x, 8.0, and 8.5 before 8.5xnr allow remote attackers to read database data by connecting to a query interface through an SSL session, aka Bug IDs CSCti81574, CSCto63060, CSCto72183, and CSCto73833.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "819AE879-5BF9-494E-8905-1E1E867EB5A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6CC94003-72B6-45C3-A07E-0A08F1562B6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "958A2707-0F1A-4719-BB9F-DC9ED129105A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "48A8EE9A-458D-4619-B04D-F01A9934DC11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "597D9674-F44D-4A31-A2F2-2790ED698A91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(2\\)su1:*:*:*:*:*:*:*",
"matchCriteriaId": "3C2B7439-8547-41A6-AE6C-6ABCD167890E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(2\\)su1a:*:*:*:*:*:*:*",
"matchCriteriaId": "FF3EB2A0-6907-4260-BBF1-D8E6E40827FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BE122F76-ECDB-4446-825C-EF02257D8C08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "44280E56-C151-4C08-804D-001F91FF2AFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(3b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BD968A56-9539-4699-9099-0F220D283CB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(3b\\)su1:*:*:*:*:*:*:*",
"matchCriteriaId": "E4CEBB9B-2B43-44C2-BC93-55E58C24CED4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FE2597F4-9B5B-4E2E-8DA5-40D769CC57B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(4\\)su1:*:*:*:*:*:*:*",
"matchCriteriaId": "665ACEFC-B989-42AB-BAB4-2C273CF2B702",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(4a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4F9ABF04-C732-4509-8589-F58E1D5F66E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(4a\\)su2:*:*:*:*:*:*:*",
"matchCriteriaId": "0D899431-7C91-4CB4-9CBA-D5BA34B7B330",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FC13697F-84A3-4793-B82E-6E8857B4FC3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(5\\)su1:*:*:*:*:*:*:*",
"matchCriteriaId": "DC24D57B-3D0C-486D-83CB-A4E419CA9626",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(5\\)su2:*:*:*:*:*:*:*",
"matchCriteriaId": "E5137D0F-0273-41EF-B3F6-2D87662B3788",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.0\\(1\\)su1:*:*:*:*:*:*:*",
"matchCriteriaId": "72C54A10-998C-435F-B058-A6879CD608A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.0\\(1\\)su1a:*:*:*:*:*:*:*",
"matchCriteriaId": "D81D69D5-E669-4DBC-A76B-E9C30A239A2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FCB47159-FA07-4317-B562-D7AB7C49E8F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.0\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8765E016-7C6F-4C36-A22C-78ED8666F7E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.0\\(2a\\)su1:*:*:*:*:*:*:*",
"matchCriteriaId": "2B3D5254-3E67-452E-ADB3-204A66765952",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.0\\(2a\\)su2:*:*:*:*:*:*:*",
"matchCriteriaId": "9D3680AB-CEF8-4C2C-A46B-C9009E6A6590",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B591E75E-040C-4D26-AF13-A4F87E048579",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(2a\\)su1:*:*:*:*:*:*:*",
"matchCriteriaId": "F22B2CDE-DB49-402D-8BF2-B9458D907DDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(2b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "18986D7E-E1E6-46EB-A247-2A98224FC122",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(2b\\)su1:*:*:*:*:*:*:*",
"matchCriteriaId": "BFAAC2E8-B548-4940-9492-DEAB574E7CF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "46BDD926-7F96-46C5-AD9C-40B7D3C78340",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7BA63076-B8A1-4672-99F3-703F7838F3A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(3a\\)su1:*:*:*:*:*:*:*",
"matchCriteriaId": "3EADE6FA-40F8-4BEB-ABDB-77D4C0E587BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(3a\\)su1a:*:*:*:*:*:*:*",
"matchCriteriaId": "3F84676C-75A5-48D2-889D-B48EC724336F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(3b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2EA15D48-A0DE-4091-8C78-666E98B488C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(3b\\)su1:*:*:*:*:*:*:*",
"matchCriteriaId": "3038823F-C32D-4C1B-8228-D14B35535297",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(3b\\)su2:*:*:*:*:*:*:*",
"matchCriteriaId": "617E82C3-1CB1-46B2-BCFE-94BF9DBDD1D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2ECDCE1A-176D-46E0-9C39-19FAD7B57892",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(5\\)su1:*:*:*:*:*:*:*",
"matchCriteriaId": "C6856A2A-55F4-4785-BEC1-54295D7D9CD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(5\\)su1a:*:*:*:*:*:*:*",
"matchCriteriaId": "2727998A-ED1F-4EFE-9952-7DA8486706D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(5a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F61FD826-A08E-477C-AA57-359B10387035",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(5b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7A9EDB91-350B-4ED4-A177-257023380C44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(5b\\)su1:*:*:*:*:*:*:*",
"matchCriteriaId": "2CBA6140-CEF7-4990-9A1E-76F02607BA84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(5b\\)su1a:*:*:*:*:*:*:*",
"matchCriteriaId": "9DCF2F2A-DF52-4BD8-A56B-B4E91CD1D1E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(5b\\)su2:*:*:*:*:*:*:*",
"matchCriteriaId": "9F0A5B28-0211-4173-BD91-67BCA3267C95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1\\(5b\\)su3:*:*:*:*:*:*:*",
"matchCriteriaId": "74323C2F-949A-4A97-8A1A-1D0A470B93BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "248E4608-B870-4913-8048-3771685CBD77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3E1FA195-A711-4861-9B3D-A36D55C0F49D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:8.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F252947A-82FE-4133-AA4F-E17758D7ECF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:8.5\\(1\\)su1:*:*:*:*:*:*:*",
"matchCriteriaId": "F61E277B-475A-40EC-8A67-CE2A17C94185",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:6.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "722EE4EC-43D8-4956-8F53-B13B23A1CE03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:6.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A704B14E-EC47-47E5-8AA1-35E0138B6A69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:6.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6F95246B-7822-4077-BC9C-3E1C0B02C139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:6.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A5D01D8A-9F92-4900-941C-0B481D277D95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:6.0\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E72DE400-8ACA-4D01-8BBE-7F13959F4DDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:6.0\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F049CAA8-6FA8-4642-910C-70C8D3CEAF96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:6.0\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DBE02502-3A25-4C33-9F10-D11B1D8A915A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:7.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D94318C6-D439-4929-AA07-C9E71B6E8B1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:7.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8B9C5872-317C-4A68-8E99-DEB224BAE607",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:7.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D6F4FC53-3627-4826-8CFC-BEEBCB8CEC87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:7.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8BACEF63-F22A-4B39-84AE-A950AC024EB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:7.0\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "703C2FA6-B723-41B1-BEA3-87AABD6F85DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:7.0\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "80D0D477-4976-45FB-A089-5C19119D2BC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:7.0\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0398D739-6A84-4817-AFD0-80A4513F1AD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:7.0\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5A912AAC-11BE-4E44-A6D2-3D9EB0924A8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:7.0\\(9\\):*:*:*:*:*:*:*",
"matchCriteriaId": "95C017B1-9404-478D-9696-864E86C0A600",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "62F99A3E-6B66-495F-A9DA-B398FDBD68C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E9757D60-0BCB-438A-9E51-9384F2A81170",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:8.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2A3381A0-7712-4E4C-8AAF-625BBEF00F49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:8.5\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6C1FEB93-F4CD-4B75-8B45-2278F8D0A3A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:8.5\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "29D3C8B8-3F20-44E4-BE21-2376B98AD0E6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x, 7.x before 7.1(5b)su4, 8.0, and 8.5 before 8.5(1)su2 and Cisco Unified Presence Server 6.x, 7.x, 8.0, and 8.5 before 8.5xnr allow remote attackers to read database data by connecting to a query interface through an SSL session, aka Bug IDs CSCti81574, CSCto63060, CSCto72183, and CSCto73833."
},
{
"lang": "es",
"value": "Cisco Unified Communications Manager (tambi\u00e9n conocido como CUCM o formerly CallManager) v6.x, v7.x antes de v7.1(5b)su4, v8.0, y v8.5 antes de v8.5(1)su2 y Cisco Unified Presence Server v6.x, v7.x, v8.0, y v8.5 antes de v8.5xnr, permite a atacantes remotos leer datos de la base de datos conectandose a la interfaz de consulta a trav\u00e9s de una sesi\u00f3n SSL, tambi\u00e9n conocido como Bug IDs CSCti81574, CSCto63060, CSCto72183 y CSCto73833."
}
],
"id": "CVE-2011-1643",
"lastModified": "2024-11-21T01:26:42.713",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-08-29T15:55:01.127",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8f532.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8f532.shtml"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-04-03 00:19
Modified
2024-11-21 00:29
Severity ?
Summary
Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 before 1.0(3) allow remote attackers to cause a denial of service (loss of voice services) via a flood of ICMP echo requests, aka bug ID CSCsf12698.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | unified_callmanager | 5.0 | |
| cisco | unified_callmanager | 5.0\(1\) | |
| cisco | unified_callmanager | 5.0\(2\) | |
| cisco | unified_callmanager | 5.0\(3\) | |
| cisco | unified_callmanager | 5.0\(3a\) | |
| cisco | unified_callmanager | 5.0\(4\) | |
| cisco | unified_presence_server | 1.0 | |
| cisco | unified_presence_server | 1.0\(1\) | |
| cisco | unified_presence_server | 1.0\(2\) |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "37FEF567-5F92-40BB-8581-3FCF584AAA1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C5865997-F8B2-4ABB-96DF-3AE691A7CE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E9211420-9F35-4872-879A-5F7CA29C6299",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D7DD4B55-4C68-45CD-988E-D470C26E5E71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "48C1B081-1FD7-4BBD-84BD-E1E5F80C74FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BC32C417-3E61-4892-9A42-C31C6D62F09D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F897DA4-E313-45C8-A4FB-52404D6541BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:1.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "22B299D9-A18B-41D9-B976-57AFDAA751DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:1.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CDA3BA5D-2CEB-4AAC-8CB4-4A2CDC574076",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 before 1.0(3) allow remote attackers to cause a denial of service (loss of voice services) via a flood of ICMP echo requests, aka bug ID CSCsf12698."
},
{
"lang": "es",
"value": "Cisco Unified CallManager (CUCM) 5.0 anterior a 5.0(4a)SU1 y Cisco Unified Presence Server (CUPS) 1.0 anterior a 1.0(3) permite a atacantes remotos provocar una denegaci\u00f3n de servicio (p\u00e9rdida de servicios de voz) mediante una inundaci\u00f3n de peticiones de eco ICMP, tambi\u00e9n conocido como bug ID CSCsf12698."
}
],
"id": "CVE-2007-1834",
"lastModified": "2024-11-21T00:29:16.110",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-04-03T00:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24690"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1017826"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070328-voip.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/23181"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1144"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33299"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24690"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1017826"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070328-voip.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/23181"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1144"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33299"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-08-26 21:00
Modified
2024-11-21 01:17
Severity ?
Summary
SIPD in Cisco Unified Presence 6.x before 6.0(7) and 7.x before 7.0(8) allows remote attackers to cause a denial of service (stack memory corruption and process failure) via a malformed SIP message, aka Bug ID CSCtd14474.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | unified_presence_server | 6.0 | |
| cisco | unified_presence_server | 6.0\(2\) | |
| cisco | unified_presence_server | 6.0\(3\) | |
| cisco | unified_presence_server | 6.0\(4\) | |
| cisco | unified_presence_server | 6.0\(5\) | |
| cisco | unified_presence_server | 6.0\(6\) | |
| cisco | unified_presence_server | 7.0 | |
| cisco | unified_presence_server | 7.0\(2\) | |
| cisco | unified_presence_server | 7.0\(3\) | |
| cisco | unified_presence_server | 7.0\(4\) | |
| cisco | unified_presence_server | 7.0\(5\) | |
| cisco | unified_presence_server | 7.0\(6\) | |
| cisco | unified_presence_server | 7.0\(7\) | |
| cisco | unified_presence_server | 6.0\(2.1101\) | |
| cisco | unified_presence_server | 6.0\(3.1101-2\) | |
| cisco | unified_presence_server | 6.0\(4.1101-5\) | |
| cisco | unified_presence_server | 6.0\(5.1101-1\) | |
| cisco | unified_presence_server | 6.0\(5.1103-2\) | |
| cisco | unified_presence_server | 6.0.5.1102-1 | |
| cisco | unified_presence_server | 7.0.3.10102-3 | |
| cisco | unified_presence_server | 7.0.3.10103-2 | |
| cisco | unified_presence_server | 7.0.4.10101-2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6D9CEBA2-160F-4303-9C1D-C7BD7E758CFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:6.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A704B14E-EC47-47E5-8AA1-35E0138B6A69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:6.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6F95246B-7822-4077-BC9C-3E1C0B02C139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:6.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A5D01D8A-9F92-4900-941C-0B481D277D95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:6.0\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E72DE400-8ACA-4D01-8BBE-7F13959F4DDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:6.0\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F049CAA8-6FA8-4642-910C-70C8D3CEAF96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1706BFD4-817A-4BA2-8B3B-60CDF1F54A16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:7.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8B9C5872-317C-4A68-8E99-DEB224BAE607",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:7.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D6F4FC53-3627-4826-8CFC-BEEBCB8CEC87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:7.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8BACEF63-F22A-4B39-84AE-A950AC024EB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:7.0\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "703C2FA6-B723-41B1-BEA3-87AABD6F85DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:7.0\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "80D0D477-4976-45FB-A089-5C19119D2BC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:7.0\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0398D739-6A84-4817-AFD0-80A4513F1AD4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:6.0\\(2.1101\\):*:*:*:*:*:*:*",
"matchCriteriaId": "33A4FA6A-D37D-465D-921A-51E429A30537",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:6.0\\(3.1101-2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BDE292F1-2F4F-40BE-9E2A-E3F1C55857EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:6.0\\(4.1101-5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B709CF6E-C148-4AD6-962B-A1055396DC8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:6.0\\(5.1101-1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0B64ACB1-C4E5-48B9-8747-4F7AFA6955A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:6.0\\(5.1103-2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3AB3FB41-7A7B-4342-9ED2-27ACDD29E5D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:6.0.5.1102-1:*:*:*:*:*:*:*",
"matchCriteriaId": "A81DC553-FFAB-4D13-8484-E174CA918D23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:7.0.3.10102-3:*:*:*:*:*:*:*",
"matchCriteriaId": "ED42650B-EDED-4CC5-BA26-D179E7F25177",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:7.0.3.10103-2:*:*:*:*:*:*:*",
"matchCriteriaId": "B734482D-2E7E-4A4B-BB3C-3ABC2EB8FD50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:7.0.4.10101-2:*:*:*:*:*:*:*",
"matchCriteriaId": "EE3D3770-3C99-4FCF-9B42-727A40D6062F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SIPD in Cisco Unified Presence 6.x before 6.0(7) and 7.x before 7.0(8) allows remote attackers to cause a denial of service (stack memory corruption and process failure) via a malformed SIP message, aka Bug ID CSCtd14474."
},
{
"lang": "es",
"value": "SIPD de Cisco Unified Presence v6.x anterior a v6.0(7) y v7.x anterior a v7.0(8) permite a atacantes remotos provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de la pila de memoria y fallo del proceso) mediante un mensaje SIP mal formado. Tambi\u00e9n se conoce como Bug ID CSCtd14474."
}
],
"id": "CVE-2010-2839",
"lastModified": "2024-11-21T01:17:28.433",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-08-26T21:00:01.530",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b43909.shtml"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.vupen.com/english/advisories/2010/2186"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b43909.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2010/2186"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}