Search criteria
15 vulnerabilities found for virtualized_voice_browser by cisco
FKIE_CVE-2025-20278
Vulnerability from fkie_nvd - Published: 2025-06-04 17:15 - Updated: 2025-07-31 15:02
Severity ?
6.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the CLI of multiple Cisco Unified Communications products could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user.
This vulnerability is due to improper validation of user-supplied command arguments. An attacker could exploit this vulnerability by executing crafted commands on the CLI of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user. To exploit this vulnerability, the attacker must have valid administrative credentials.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:finesse:10.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "79D5BACD-F4DB-4633-BFDA-09610BA242B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:10.5\\(1\\)_es1:*:*:*:*:*:*:*",
"matchCriteriaId": "D37E02C3-B63F-43D9-AF7F-76609C424620",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:10.5\\(1\\)_es2:*:*:*:*:*:*:*",
"matchCriteriaId": "C869C393-AD1F-4334-92F6-F5CB11979EDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:10.5\\(1\\)_es3:*:*:*:*:*:*:*",
"matchCriteriaId": "7E80412C-6BFF-44D7-B3B6-D8CC19D93296",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:10.5\\(1\\)_es4:*:*:*:*:*:*:*",
"matchCriteriaId": "C3C8DA33-8104-414A-8C63-1405C6EEB362",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:10.5\\(1\\)_es5:*:*:*:*:*:*:*",
"matchCriteriaId": "19B8D09E-0967-4938-BFB8-BF25F382CFA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:10.5\\(1\\)_es6:*:*:*:*:*:*:*",
"matchCriteriaId": "C72CA386-7B02-4338-8DF1-94E9E750B1FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:10.5\\(1\\)_es7:*:*:*:*:*:*:*",
"matchCriteriaId": "E9B3F4B9-7075-4FBE-BFEC-2353BA022985",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:10.5\\(1\\)_es8:*:*:*:*:*:*:*",
"matchCriteriaId": "452114E6-AE9B-4530-AA32-BBD020D06124",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:10.5\\(1\\)_es9:*:*:*:*:*:*:*",
"matchCriteriaId": "6DF4C48E-BC31-4949-9BB3-9FFDC12D1D6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:10.5\\(1\\)_es10:*:*:*:*:*:*:*",
"matchCriteriaId": "FC6BF05F-72DF-486B-932B-DC2F50DB10B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:11.0\\(1\\):-:*:*:*:*:*:*",
"matchCriteriaId": "01597DCF-AC44-4FDF-A1B5-5ED7F32DBB2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:11.0\\(1\\):es1:*:*:*:*:*:*",
"matchCriteriaId": "9A16F5BD-987C-41DA-98B1-66496F95CFE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:11.0\\(1\\):es2:*:*:*:*:*:*",
"matchCriteriaId": "78D4AE20-6DBE-455D-AAE4-1AB2DE8D6E62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:11.0\\(1\\):es3:*:*:*:*:*:*",
"matchCriteriaId": "030DE3E5-5DB2-46F7-BDAE-EC103C22C832",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:11.0\\(1\\):es4:*:*:*:*:*:*",
"matchCriteriaId": "173AC31D-3A0E-4885-A294-78756C747035",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:11.0\\(1\\):es5:*:*:*:*:*:*",
"matchCriteriaId": "F8948CB7-7792-429B-93F5-5F3AF98B14AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:11.0\\(1\\):es6:*:*:*:*:*:*",
"matchCriteriaId": "F5B88E85-8485-4F07-973B-864328F2631A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:11.0\\(1\\):es7:*:*:*:*:*:*",
"matchCriteriaId": "8B04AB8B-9D7A-4906-A655-A489D32B3036",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:11.5\\(1\\):-:*:*:*:*:*:*",
"matchCriteriaId": "AC833139-6461-4383-A02A-BB395F3E3E12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:11.5\\(1\\):es1:*:*:*:*:*:*",
"matchCriteriaId": "6648DCBA-E3F7-4AFC-B5A2-BC57CF8F5F9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:11.5\\(1\\):es2:*:*:*:*:*:*",
"matchCriteriaId": "2DBCBEB3-F52E-44C3-9C3A-67D2DEDCD4B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:11.5\\(1\\):es3:*:*:*:*:*:*",
"matchCriteriaId": "9FA81305-8164-4E75-BC7A-974E212DDFBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:11.5\\(1\\):es4:*:*:*:*:*:*",
"matchCriteriaId": "7603F952-EC9A-4D1C-8672-1C1DD599B471",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:11.5\\(1\\):es5:*:*:*:*:*:*",
"matchCriteriaId": "1E2F3098-64AB-4355-9E75-23392F670110",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:11.5\\(1\\):es6:*:*:*:*:*:*",
"matchCriteriaId": "7324F249-B6A8-47AC-B4E3-BD7D1D180960",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:11.6\\(1\\):-:*:*:*:*:*:*",
"matchCriteriaId": "7E507E31-71FA-437D-B325-48281650CFBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:11.6\\(1\\):es1:*:*:*:*:*:*",
"matchCriteriaId": "7AEC47C7-E04D-4780-A574-5131D71B55C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:11.6\\(1\\):es10:*:*:*:*:*:*",
"matchCriteriaId": "5C7322DB-1B4B-4E9A-AD3B-0856905108B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:11.6\\(1\\):es11:*:*:*:*:*:*",
"matchCriteriaId": "F7B58C17-84F5-4243-A00C-F9A5558EBF30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:11.6\\(1\\):es2:*:*:*:*:*:*",
"matchCriteriaId": "881A361D-FD14-4206-855A-779D03810B2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:11.6\\(1\\):es3:*:*:*:*:*:*",
"matchCriteriaId": "64E6AE5B-5753-48D6-98AB-B39981AEB9B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:11.6\\(1\\):es4:*:*:*:*:*:*",
"matchCriteriaId": "D917999F-E9AF-40C2-969A-36C8D5934590",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:11.6\\(1\\):es5:*:*:*:*:*:*",
"matchCriteriaId": "83BC183B-4CB6-47FB-9AAA-78E5E75BEB3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:11.6\\(1\\):es6:*:*:*:*:*:*",
"matchCriteriaId": "93E2DBF0-FAF3-40A7-8BA4-9A56CD6D8939",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:11.6\\(1\\):es7:*:*:*:*:*:*",
"matchCriteriaId": "A071AD17-9134-43D0-A3C3-FF7348AA0DE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:11.6\\(1\\):es8:*:*:*:*:*:*",
"matchCriteriaId": "0EBC41A8-BE9B-4F19-A287-52A9DFEF2162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:11.6\\(1\\):es9:*:*:*:*:*:*",
"matchCriteriaId": "DCB0C670-4159-4ECB-B520-FF4197381E78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:11.6\\(1\\)_fips:*:*:*:*:*:*:*",
"matchCriteriaId": "CB97E302-0642-453F-927E-A6370EB7CBA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.0\\(1\\):-:*:*:*:*:*:*",
"matchCriteriaId": "2D876E49-DF49-4CEF-B2E8-95AEB5FE651A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.0\\(1\\):es1:*:*:*:*:*:*",
"matchCriteriaId": "02E2FDD7-5C71-426B-8578-2B57582BC76F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.0\\(1\\):es2:*:*:*:*:*:*",
"matchCriteriaId": "ECAE1945-C1AF-488D-90AA-BDF6BE2C9B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.0\\(1\\):es3:*:*:*:*:*:*",
"matchCriteriaId": "0BEF7143-A46F-4591-96CA-765503897C09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.0\\(1\\):es4:*:*:*:*:*:*",
"matchCriteriaId": "1BB52449-3211-42CC-85D7-C0E6EC4A4BDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.0\\(1\\):es5:*:*:*:*:*:*",
"matchCriteriaId": "5E28915E-1F4D-4A65-9FEB-848908567277",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.0\\(1\\):es6:*:*:*:*:*:*",
"matchCriteriaId": "786F037D-FC43-4024-9746-4C81C5F471C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.0\\(1\\):es7:*:*:*:*:*:*",
"matchCriteriaId": "9E6B0E93-7805-4076-BB46-A5D1DC8102DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.0\\(1\\):es8:*:*:*:*:*:*",
"matchCriteriaId": "D6A77483-98FD-417B-8BAA-2C2DAEE41DEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.5\\(1\\):-:*:*:*:*:*:*",
"matchCriteriaId": "3629695A-A121-4963-9BAC-9AEF3A4FABF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.5\\(1\\):es1:*:*:*:*:*:*",
"matchCriteriaId": "F6DC24C6-F2A0-431F-86BA-68F706E19549",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.5\\(1\\):es2:*:*:*:*:*:*",
"matchCriteriaId": "6F457A6B-426E-426D-9229-0609727E59AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.5\\(1\\):es3:*:*:*:*:*:*",
"matchCriteriaId": "96F4A329-A0DE-4853-B605-F26DD5C96BBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.5\\(1\\):es4:*:*:*:*:*:*",
"matchCriteriaId": "B75F5E70-70EB-4C39-972D-5E55FACC6540",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.5\\(1\\):es5:*:*:*:*:*:*",
"matchCriteriaId": "6FA9D96D-8A0D-4AA0-9072-8D5610FF966D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.5\\(1\\):es6:*:*:*:*:*:*",
"matchCriteriaId": "EBDB20F0-C090-45F7-9FD2-91A6E29A4A9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.5\\(1\\):es7:*:*:*:*:*:*",
"matchCriteriaId": "EA550F6E-E4A7-421E-A437-85978B95B149",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.5\\(1\\):es8:*:*:*:*:*:*",
"matchCriteriaId": "C25DF954-39E6-4C0A-80BD-AABAB9CE6767",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.5\\(1\\):su:*:*:*:*:*:*",
"matchCriteriaId": "80250CAD-F57B-4744-8003-5A156995A813",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.5\\(1\\):su_es1:*:*:*:*:*:*",
"matchCriteriaId": "80386F8A-0A80-44BE-ABE0-A5607FD647F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.5\\(1\\):su_es2:*:*:*:*:*:*",
"matchCriteriaId": "FD034AE2-F64A-4E4B-B5E3-CCD03D0DFDE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.5\\(1\\):su_es3:*:*:*:*:*:*",
"matchCriteriaId": "EB805752-C6E2-4442-A742-AEA46BCE7058",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.5\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0AAAD5C7-2485-49CE-BF11-AD5A37DE02AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.6\\(1\\):-:*:*:*:*:*:*",
"matchCriteriaId": "4DFCE723-9359-40C7-BA35-B71BDF8E3CF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.6\\(1\\):es01:*:*:*:*:*:*",
"matchCriteriaId": "28B1524E-FDCA-4570-86DD-CE396271B232",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.6\\(1\\):es02:*:*:*:*:*:*",
"matchCriteriaId": "74DC6F28-BFEF-4D89-93D5-10072DAC39C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.6\\(1\\):es03:*:*:*:*:*:*",
"matchCriteriaId": "BA1D60D7-1B4A-4EEE-A26C-389D9271E005",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.6\\(1\\):es04:*:*:*:*:*:*",
"matchCriteriaId": "CBB30A12-F8D7-403C-B430-A2ECF57F6FC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.6\\(1\\):es05:*:*:*:*:*:*",
"matchCriteriaId": "2C660245-93FF-454C-BE89-56D185105E06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.6\\(1\\):es06:*:*:*:*:*:*",
"matchCriteriaId": "D68B5D94-C071-4CCA-B0F1-1EB9748F2773",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.6\\(1\\):es07:*:*:*:*:*:*",
"matchCriteriaId": "C4B917B3-486D-40F0-BA3C-02F3C2FBDE4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.6\\(1\\):es07_et:*:*:*:*:*:*",
"matchCriteriaId": "6FA347C0-A5B5-4148-987A-72BC9021EAB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.6\\(1\\):es08:*:*:*:*:*:*",
"matchCriteriaId": "C619F70A-F119-4252-BB9E-1C46587B8346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.6\\(1\\):es09:*:*:*:*:*:*",
"matchCriteriaId": "AC1D7342-C9E4-4831-AD71-EF806AD56C18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.6\\(1\\):es10:*:*:*:*:*:*",
"matchCriteriaId": "D3B65C32-F0B5-45D5-91B3-A2AF40FD711C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.6\\(1\\):es11:*:*:*:*:*:*",
"matchCriteriaId": "AAEA5E13-FD7F-4AD3-A775-2FB839B8F040",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.6\\(2\\):-:*:*:*:*:*:*",
"matchCriteriaId": "8C98A1AA-4F49-4DD8-B4F4-6194E487BBE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.6\\(2\\):es01:*:*:*:*:*:*",
"matchCriteriaId": "CCCF715C-5DDF-4586-AF7B-C2C3579F6041",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.6\\(2\\):es02:*:*:*:*:*:*",
"matchCriteriaId": "2C21D0F8-E157-4094-98BF-0CCCE0505CA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.6\\(2\\):es03:*:*:*:*:*:*",
"matchCriteriaId": "5B3E1F6B-7054-42E0-A3E4-542B32646653",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.6\\(2\\):es04:*:*:*:*:*:*",
"matchCriteriaId": "585DB839-C795-40E0-88FE-C831426E1F42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.6\\(2\\):es05:*:*:*:*:*:*",
"matchCriteriaId": "8E743A73-666C-4431-9030-7B0EC67C95F1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:socialminer:10.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3F8BC85C-F3C7-4FE6-97D5-30C2DA4858D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:socialminer:10.6\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8496A6AF-FF0B-4DCD-9524-4C89E74B44C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:socialminer:10.6\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0D8D8B8B-FD28-4A42-8364-72D896742533",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:socialminer:11.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "152B13F1-4EB5-4DA0-A943-326F8F324432",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:socialminer:11.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9CBA712A-A9FC-4DA9-A06A-9A49A0355F34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:socialminer:11.5\\(1\\)su1:*:*:*:*:*:*:*",
"matchCriteriaId": "D807EB1C-6970-4A6D-B50A-A16DC43C443E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:socialminer:11.6\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1382D72C-1447-4296-A520-BEF4EB48633C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:socialminer:11.6\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6D53D578-A6D5-4BD0-9CD2-C8E496D136B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:socialminer:12.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "24871067-7ADC-473D-A148-A82BE2C158A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:socialminer:12.0\\(1\\)es02:*:*:*:*:*:*:*",
"matchCriteriaId": "CC5C6FC1-CD6B-48C0-803C-E77C4B182A1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:socialminer:12.0\\(1\\)es03:*:*:*:*:*:*:*",
"matchCriteriaId": "9898EB83-A3A1-45A8-9E88-09A5A27D6EC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:socialminer:12.0\\(1\\)es04:*:*:*:*:*:*:*",
"matchCriteriaId": "A2AB2650-7D2B-4117-888D-CCB5E894E5C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:socialminer:12.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D32D6A4A-08E6-470E-B82C-D5E4E4B810FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:socialminer:12.5\\(1\\)es01:*:*:*:*:*:*:*",
"matchCriteriaId": "15F7499F-5F1E-47BA-8A84-33B55CA4E966",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:socialminer:12.5\\(1\\)su1:*:*:*:*:*:*:*",
"matchCriteriaId": "33B065FE-3FA0-4109-90F3-57EABB2DB6DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:socialminer:12.5\\(1\\)su2:*:*:*:*:*:*:*",
"matchCriteriaId": "7EA97B42-BE0D-4D64-9791-C74DE3DB3EA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:socialminer:12.5\\(1\\)su3:*:*:*:*:*:*:*",
"matchCriteriaId": "811913C6-4E1B-449F-9E95-F57D96436A59",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:12.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3EB73BD4-9ECC-458E-925D-FECE9A49BD48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:12.5\\(1\\)su1:*:*:*:*:*:*:*",
"matchCriteriaId": "1C9751FC-5C3C-4D7B-B368-39FF096C1581",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:12.5\\(1\\)su2:*:*:*:*:*:*:*",
"matchCriteriaId": "E411B60D-4EFA-4A8C-A9A0-74B7524B2B72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:12.5\\(1\\)su3:*:*:*:*:*:*:*",
"matchCriteriaId": "EC7EAB06-39FB-4897-BDCC-B84041DA9AB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:12.5\\(1\\)su4:*:*:*:*:*:*:*",
"matchCriteriaId": "2E727720-92A8-430E-881F-091ACC71E87F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:12.5\\(1\\)su5:*:*:*:*:*:*:*",
"matchCriteriaId": "511D0C5D-55DB-4293-BFE0-17D31073C5BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:12.5\\(1\\)su6:*:*:*:*:*:*:*",
"matchCriteriaId": "294B9E10-2CF1-47D3-9725-E2A568E17AD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:12.5\\(1\\)su7:*:*:*:*:*:*:*",
"matchCriteriaId": "397E6105-7508-4DEB-AD6D-1E702E31C875",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:12.5\\(1\\)su7a:*:*:*:*:*:*:*",
"matchCriteriaId": "1DD5882F-47AD-44BF-BAF5-4DA6B59A45A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:12.5\\(1\\)su8:*:*:*:*:*:*:*",
"matchCriteriaId": "65580374-43E4-4EB4-8D66-76FB8AF11568",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:12.5\\(1\\)su8a:*:*:*:*:*:*:*",
"matchCriteriaId": "D501B7FB-1335-4C44-8C4F-DDF033A41E4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:12.5\\(1\\)su9:*:*:*:*:*:*:*",
"matchCriteriaId": "7E5D489D-D2D3-4784-8B80-209344A9FC76",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:12.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CAAAAF61-C33F-462B-B7C4-9F976235888A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:12.5\\(1\\)su1:*:*:*:*:*:*:*",
"matchCriteriaId": "00310A4E-8CC5-4AE4-ACC3-80F1066D4EDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:12.5\\(1\\)su2:*:*:*:*:*:*:*",
"matchCriteriaId": "28D2915C-E4C2-404B-BC2E-10FAAE34A98B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:12.5\\(1\\)su3:*:*:*:*:*:*:*",
"matchCriteriaId": "ECC46928-718B-4CCB-AE4F-A974ACD52AA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:12.5\\(1\\)su4:*:*:*:*:*:*:*",
"matchCriteriaId": "AA6FDB4C-ABA5-418A-81DC-C1735F3F6795",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:12.5\\(1\\)su5:*:*:*:*:*:*:*",
"matchCriteriaId": "CC698BDD-2C43-4F6B-BD9A-29FE9A03449B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:12.5\\(1\\)su6:*:*:*:*:*:*:*",
"matchCriteriaId": "46366B52-A3BE-43B6-9861-1ED8271E224C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:12.5\\(1\\)su7:*:*:*:*:*:*:*",
"matchCriteriaId": "E32FBC94-72DA-4467-8A63-74C3A3AF7FC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:12.5\\(1\\)su8:*:*:*:*:*:*:*",
"matchCriteriaId": "00D141B1-48C4-4214-BD66-C0BE88B89863",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:12.5\\(1\\)su9:*:*:*:*:*:*:*",
"matchCriteriaId": "0D9693DD-CCAC-418C-9C7A-9E9E8A153B3C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:8.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "ED97AAD8-D02D-42AB-863A-7538A1F6D425",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:9.0\\(2\\)su3es04:*:*:*:*:*:*:*",
"matchCriteriaId": "E1202DE4-CA67-424E-8379-2BC13630F0C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.0\\(1\\)su1:*:*:*:*:*:*:*",
"matchCriteriaId": "31854EAF-89B5-40BB-98E7-7EBB2E867C96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.0\\(1\\)su1es04:*:*:*:*:*:*:*",
"matchCriteriaId": "DE1194F1-9CF5-460E-AF26-FB7CDC1EE878",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1C277058-F33F-4E60-AE89-658CB6558D9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.5\\(1\\)su1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E255206-BDDB-4F0F-9ED7-3A3ACA74EF83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.5\\(1\\)su1es10:*:*:*:*:*:*:*",
"matchCriteriaId": "CE358FF2-CB8A-4E0D-926E-ED151B585E52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D6F83A65-F3AC-4F6B-97A3-9FC582683BCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su1:*:*:*:*:*:*:*",
"matchCriteriaId": "A766B903-E6DB-4838-90A7-63918C9F8AD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su2:*:*:*:*:*:*:*",
"matchCriteriaId": "2F1F0C70-E644-4DCA-93C2-6BCB331D08E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su2es04:*:*:*:*:*:*:*",
"matchCriteriaId": "DF54B434-E765-40B1-B12A-21FC7F415ACE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su3:*:*:*:*:*:*:*",
"matchCriteriaId": "60839544-11E0-4381-A9AA-21D6FB403F88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su3es01:*:*:*:*:*:*:*",
"matchCriteriaId": "7D8114CF-6689-4C97-BD5D-07CC8EEF35A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su3es02:*:*:*:*:*:*:*",
"matchCriteriaId": "1D90986B-64ED-44A1-9CF1-7C9FD27555FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:10.6\\(1\\)su3es03:*:*:*:*:*:*:*",
"matchCriteriaId": "442E4715-5043-4BF7-8961-C8844A00A7B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.0\\(1\\)su1:*:*:*:*:*:*:*",
"matchCriteriaId": "0242DD9A-A5BB-4DE7-9218-7AE0FE2A65AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.0\\(1\\)su1es02:*:*:*:*:*:*:*",
"matchCriteriaId": "A5002FAA-FE64-4AA7-B0D7-22084CCE0CE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.0\\(1\\)su1es03:*:*:*:*:*:*:*",
"matchCriteriaId": "6C17A2AB-33B3-4089-A701-A29A4E55D667",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.5\\(1\\)es01:*:*:*:*:*:*:*",
"matchCriteriaId": "DC6FFA8B-248F-42C7-8A06-3F7E158386EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.5\\(1\\)su1:*:*:*:*:*:*:*",
"matchCriteriaId": "26A35E9A-FFFB-49AF-BA70-67F3EA54B9ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.5\\(1\\)su1es01:*:*:*:*:*:*:*",
"matchCriteriaId": "3F529FE5-1DE8-43A5-88EE-0980D3A55BCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.5\\(1\\)su1es02:*:*:*:*:*:*:*",
"matchCriteriaId": "766350AF-1B2F-4DC0-9DA3-E17B45892163",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.5\\(1\\)su1es03:*:*:*:*:*:*:*",
"matchCriteriaId": "702E48CC-3858-491C-A328-5D9ADDDC8DC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "20CF8B80-28C0-407B-BA60-1B07694A3DFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(1\\)es01:*:*:*:*:*:*:*",
"matchCriteriaId": "59A30F7B-9756-40BD-89C1-60E2702CC806",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(1\\)es02:*:*:*:*:*:*:*",
"matchCriteriaId": "29A15BB5-0725-4159-B387-74CFBF58F349",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "82F5416D-0DF3-48BB-8A23-DBC2B0746195",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es01:*:*:*:*:*:*:*",
"matchCriteriaId": "908E3B03-7248-44B4-B0DE-E3B3F7FA9555",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es02:*:*:*:*:*:*:*",
"matchCriteriaId": "1705F343-BF9D-4EBC-B833-64F03EDD7C27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es03:*:*:*:*:*:*:*",
"matchCriteriaId": "686F6450-99FC-4260-B9CE-B7F313464EFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es04:*:*:*:*:*:*:*",
"matchCriteriaId": "93851C02-3E0A-41F1-82BB-24546A83E272",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es05:*:*:*:*:*:*:*",
"matchCriteriaId": "10E25C7A-42B4-40CE-A13B-0252C05FCFD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es06:*:*:*:*:*:*:*",
"matchCriteriaId": "4D0128C7-3FB4-42EE-B4D8-68EAAC4727A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es07:*:*:*:*:*:*:*",
"matchCriteriaId": "2A92970B-53FD-4ED6-95BC-FDC7BB6780CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:11.6\\(2\\)es08:*:*:*:*:*:*:*",
"matchCriteriaId": "FE8E4137-3059-46B0-B241-2AA42A3D959E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "30A8784D-B7A6-4F13-B89D-4ED910CC0576",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.0\\(1\\)es01:*:*:*:*:*:*:*",
"matchCriteriaId": "B368DEE7-7639-4D46-997B-2F2409712CAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.0\\(1\\)es02:*:*:*:*:*:*:*",
"matchCriteriaId": "B721320B-C72C-4550-B585-9F43439FAB25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.0\\(1\\)es03:*:*:*:*:*:*:*",
"matchCriteriaId": "A5F18549-A002-4106-9740-6B641E0ECF8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.0\\(1\\)es04:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF4AD59-6A04-4473-84E0-D99D24D99BC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A9715BD0-F519-462E-ACF6-859B203638D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su01_es01:*:*:*:*:*:*:*",
"matchCriteriaId": "CB2C8F59-78F2-4E3A-8261-F4EF214F691A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su01_es02:*:*:*:*:*:*:*",
"matchCriteriaId": "D3117461-56A5-4957-8BE0-83F44B66AE3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su01_es03:*:*:*:*:*:*:*",
"matchCriteriaId": "4B279AE4-9CF7-49F1-A4C3-D8A6301EF136",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su02_es01:*:*:*:*:*:*:*",
"matchCriteriaId": "860ACAB6-5CB9-468C-90C4-B7C8E9559D2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su02_es02:*:*:*:*:*:*:*",
"matchCriteriaId": "FB2D8357-773D-492F-BC5B-F672C4D736A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su02_es03:*:*:*:*:*:*:*",
"matchCriteriaId": "EE0B3B5E-2C4C-473C-B7FB-F62AAC19744C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su02_es04:*:*:*:*:*:*:*",
"matchCriteriaId": "51D7EEFA-D04C-4769-8C62-B8B5902F79ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su03_es01:*:*:*:*:*:*:*",
"matchCriteriaId": "E31A16D3-3B40-42EA-BAC3-05A13082CED2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su03_es02:*:*:*:*:*:*:*",
"matchCriteriaId": "21F08B08-23C1-4AD7-AD67-34D196C8470E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su03_es03:*:*:*:*:*:*:*",
"matchCriteriaId": "05AD3A80-2409-475E-87F5-430E51C53087",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su03_es04:*:*:*:*:*:*:*",
"matchCriteriaId": "49165652-275C-4AD9-9585-2F130989D404",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su03_es05:*:*:*:*:*:*:*",
"matchCriteriaId": "A4480EF1-226E-459E-B2F5-3985A219BBD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)_su03_es06:*:*:*:*:*:*:*",
"matchCriteriaId": "2A408698-6123-4772-8D11-FE89EBB135D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)es01:*:*:*:*:*:*:*",
"matchCriteriaId": "81728CDB-DD39-4DD9-BB82-6F2D8E3D1E2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)es02:*:*:*:*:*:*:*",
"matchCriteriaId": "80F9AF5B-3670-4910-9AD8-C1FB90C7190B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)es03:*:*:*:*:*:*:*",
"matchCriteriaId": "78DAF852-5CA1-4D2B-948B-F0E9FB9DA973",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)su1:*:*:*:*:*:*:*",
"matchCriteriaId": "83EDDAAF-0746-4851-B7E5-60E4ED039D02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)su2:*:*:*:*:*:*:*",
"matchCriteriaId": "0FBB3406-4AD0-41B1-AFC3-3FC6E7E01B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\)su3:*:*:*:*:*:*:*",
"matchCriteriaId": "6BF183D9-CDF6-44D9-B529-F13666A3EE07",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_intelligence_center:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A3836BAC-BF47-4212-9018-9797A89A528B",
"versionEndExcluding": "12.6\\(2\\)es_04",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unity_connection:12.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1C9DD393-7E10-4EE5-9FB4-855F3231F989",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unity_connection:12.5\\(1\\)su1:*:*:*:*:*:*:*",
"matchCriteriaId": "7D2C89A9-B258-4BEC-9819-7AF3229F4343",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unity_connection:12.5\\(1\\)su2:*:*:*:*:*:*:*",
"matchCriteriaId": "1E53369D-EABA-4381-8480-237881743CB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unity_connection:12.5\\(1\\)su3:*:*:*:*:*:*:*",
"matchCriteriaId": "BFCEF0CC-0553-4886-863B-61F1994D039B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unity_connection:12.5\\(1\\)su4:*:*:*:*:*:*:*",
"matchCriteriaId": "5E310C92-6C6B-4198-9220-4D43730B1AD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unity_connection:12.5\\(1\\)su5:*:*:*:*:*:*:*",
"matchCriteriaId": "1A2FF97D-3E51-473C-8466-E451771BE938",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unity_connection:12.5\\(1\\)su6:*:*:*:*:*:*:*",
"matchCriteriaId": "86884D5E-B015-447A-9834-1264315FCC50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unity_connection:12.5\\(1\\)su7:*:*:*:*:*:*:*",
"matchCriteriaId": "538BCDAE-A94C-4343-B63B-5D29023707E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unity_connection:12.5\\(1\\)su8:*:*:*:*:*:*:*",
"matchCriteriaId": "E89A84F3-E075-4CAF-9B3C-5F080FC37F8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unity_connection:12.5\\(1\\)su8a:*:*:*:*:*:*:*",
"matchCriteriaId": "4BDF5353-D773-460B-B02A-5409112BE2E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unity_connection:12.5\\(1\\)su9:*:*:*:*:*:*:*",
"matchCriteriaId": "30DE4A5D-BC2D-4F77-91C0-E978EA02AAD8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:virtualized_voice_browser:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5C923C78-995C-4988-8123-DC32B519A711",
"versionEndExcluding": "12.6\\(2\\)es06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of multiple Cisco Unified Communications products could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user.\r\n\r\nThis vulnerability is due to improper validation of user-supplied command arguments. An attacker could exploit this vulnerability by executing crafted commands on the CLI of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user. To exploit this vulnerability, the attacker must have valid administrative credentials."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la CLI de varios productos de Cisco Unified Communications podr\u00eda permitir que un atacante local autenticado ejecute comandos arbitrarios en el sistema operativo subyacente de un dispositivo afectado como usuario root. Esta vulnerabilidad se debe a una validaci\u00f3n incorrecta de los argumentos de comando proporcionados por el usuario. Un atacante podr\u00eda explotar esta vulnerabilidad ejecutando comandos manipulados en la CLI de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar comandos arbitrarios en el sistema operativo subyacente de un dispositivo afectado como usuario root. Para explotar esta vulnerabilidad, el atacante debe tener credenciales de administrador v\u00e1lidas.\n"
}
],
"id": "CVE-2025-20278",
"lastModified": "2025-07-31T15:02:05.967",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.2,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-06-04T17:15:27.963",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vos-command-inject-65s2UCYy"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "psirt@cisco.com",
"type": "Primary"
}
]
}
FKIE_CVE-2024-20253
Vulnerability from fkie_nvd - Published: 2024-01-26 18:15 - Updated: 2025-05-29 16:15
Severity ?
9.9 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to the improper processing of user-provided data that is being read into memory. An attacker could exploit this vulnerability by sending a crafted message to a listening port of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of the web services user. With access to the underlying operating system, the attacker could also establish root access on the affected device.
References
| URL | Tags | ||
|---|---|---|---|
| psirt@cisco.com | https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-rce-bWNzQcUm | Issue Tracking, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-rce-bWNzQcUm | Issue Tracking, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:-:*:*:*",
"matchCriteriaId": "FB3C1282-5EC8-4E46-ADD9-898449D96A22",
"versionEndExcluding": "12.5\\(1\\)su8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "312C8052-DA09-4B61-9E90-E9EEE265A4BC",
"versionEndExcluding": "14su3",
"versionStartIncluding": "14.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:session_management:*:*:*",
"matchCriteriaId": "EA4F43B2-1C73-415B-84BF-26D0322FA2C1",
"versionEndExcluding": "12.5\\(1\\)su8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:session_management:*:*:*",
"matchCriteriaId": "C64C5167-7428-4F9E-B1E9-CAD3236B64AD",
"versionEndExcluding": "14su3",
"versionStartIncluding": "14.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DFF9029D-553F-43FD-8F37-86B11A17EC91",
"versionEndExcluding": "12.5\\(1\\)su8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D09B9BD3-3C31-4816-AD4C-043543C56DB5",
"versionEndExcluding": "14.0su3",
"versionStartIncluding": "14.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unity_connection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E2BC7834-136A-4117-BEDC-0C96EC59227B",
"versionEndExcluding": "12.5\\(1\\)su8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unity_connection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "06851CA9-B778-4471-BB1D-A2237B225A4C",
"versionEndExcluding": "14su3",
"versionStartIncluding": "14.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\):-:*:*:*:*:*:*",
"matchCriteriaId": "66E25EE4-AB7B-42BF-A703-0C2E83E83577",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:virtualized_voice_browser:12.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3164D29F-4726-4438-9F31-8644B1C2F0E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:virtualized_voice_browser:12.6\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7A2BE523-1AAF-4AB5-ACA3-A1E194590B09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:virtualized_voice_browser:12.6\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0A7B033E-5B7F-4C11-9C6C-CA4363770A7A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to the improper processing of user-provided data that is being read into memory. An attacker could exploit this vulnerability by sending a crafted message to a listening port of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of the web services user. With access to the underlying operating system, the attacker could also establish root access on the affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en m\u00faltiples productos Cisco Unified Communications y Contact Center Solutions podr\u00eda permitir que un atacante remoto no autenticado ejecute c\u00f3digo arbitrario en un dispositivo afectado. Esta vulnerabilidad se debe al procesamiento inadecuado de los datos proporcionados por el usuario que se leen en la memoria. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando un mensaje manipulado a un puerto de escucha de un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar comandos arbitrarios en el sistema operativo subyacente con los privilegios del usuario de servicios web. Con acceso al sistema operativo subyacente, el atacante tambi\u00e9n podr\u00eda establecer acceso root en el dispositivo afectado."
}
],
"id": "CVE-2024-20253",
"lastModified": "2025-05-29T16:15:33.330",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.3,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-01-26T18:15:10.970",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-rce-bWNzQcUm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-rce-bWNzQcUm"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-502"
}
],
"source": "psirt@cisco.com",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-502"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2021-44228
Vulnerability from fkie_nvd - Published: 2021-12-10 10:15 - Updated: 2025-10-27 17:40
Severity ?
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.
References
Impacted products
{
"cisaActionDue": "2021-12-24",
"cisaExploitAdd": "2021-12-10",
"cisaRequiredAction": "For all affected software assets for which updates exist, the only acceptable remediation actions are: 1) Apply updates; OR 2) remove affected assets from agency networks. Temporary mitigations using one of the measures provided at https://www.cisa.gov/uscert/ed-22-02-apache-log4j-recommended-mitigation-measures are only acceptable until updates are available.",
"cisaVulnerabilityName": "Apache Log4j2 Remote Code Execution Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6bk1602-0aa12-0tp0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD64FC36-CC7B-4FD7-9845-7EA1DDB0E627",
"versionEndExcluding": "2.7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6bk1602-0aa12-0tp0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF99FE8F-40D0-48A8-9A40-43119B259535",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6bk1602-0aa22-0tp0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D0012304-B1C8-460A-B891-42EBF96504F5",
"versionEndExcluding": "2.7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6bk1602-0aa22-0tp0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3F61BCB-64FA-463C-8B95-8868995EDBC0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6bk1602-0aa32-0tp0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B02BCF56-D9D3-4BF3-85A2-D445E997F5EC",
"versionEndExcluding": "2.7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6bk1602-0aa32-0tp0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5A189B7-DDBF-4B84-997F-637CEC5FF12B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6bk1602-0aa42-0tp0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4A2DB5BA-1065-467A-8FB6-81B5EC29DC0C",
"versionEndExcluding": "2.7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6bk1602-0aa42-0tp0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "035AFD6F-E560-43C8-A283-8D80DAA33025",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:6bk1602-0aa52-0tp0_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "809EB87E-561A-4DE5-9FF3-BBEE0FA3706E",
"versionEndExcluding": "2.7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:6bk1602-0aa52-0tp0:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4594FF76-A1F8-4457-AE90-07D051CD0DCB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*",
"matchCriteriaId": "03FA5E81-F9C0-403E-8A4B-E4284E4E7B72",
"versionEndExcluding": "2.3.1",
"versionStartIncluding": "2.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AED3D5EC-DAD5-4E5F-8BBD-B4E3349D84FC",
"versionEndExcluding": "2.12.2",
"versionStartIncluding": "2.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D31D423D-FC4D-428A-B863-55AF472B80DC",
"versionEndExcluding": "2.15.0",
"versionStartIncluding": "2.13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:log4j:2.0:-:*:*:*:*:*:*",
"matchCriteriaId": "17854E42-7063-4A55-BF2A-4C7074CC2D60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:log4j:2.0:beta9:*:*:*:*:*:*",
"matchCriteriaId": "53F32FB2-6970-4975-8BD0-EAE12E9AD03A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:log4j:2.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B773ED91-1D39-42E6-9C52-D02210DE1A94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:log4j:2.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "EF24312D-1A62-482E-8078-7EC24758B710",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:siemens:sppa-t3000_ses3000_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8320869-CBF4-4C92-885C-560C09855BFA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:siemens:sppa-t3000_ses3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "755BA221-33DD-40A2-A517-8574D042C261",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:siemens:capital:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9AAF12D5-7961-4344-B0CC-BE1C673BFE1F",
"versionEndExcluding": "2019.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:capital:2019.1:-:*:*:*:*:*:*",
"matchCriteriaId": "19CB7B44-1877-4739-AECB-3E995ED03FC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:capital:2019.1:sp1912:*:*:*:*:*:*",
"matchCriteriaId": "A883D9C2-F2A4-459F-8000-EE288DC0DD17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:comos:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD4AC6F-B8D3-4588-B3BD-55C9BAF4AAAC",
"versionEndExcluding": "10.4.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:desigo_cc_advanced_reports:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8AFD64AC-0826-48FB-91B0-B8DF5ECC8775",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:desigo_cc_advanced_reports:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BB524B33-68E7-46A2-B5CE-BCD9C3194B8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:desigo_cc_advanced_reports:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5F852C6D-44A0-4CCE-83C7-4501CAD73F9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:desigo_cc_advanced_reports:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AA61161C-C2E7-4852-963E-E2D3DFBFDC7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:desigo_cc_advanced_reports:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A76AA04A-BB43-4027-895E-D1EACFCDF41B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:desigo_cc_advanced_reports:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2A6B60F3-327B-49B7-B5E4-F1C60896C9BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:desigo_cc_info_center:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4BCF281E-B0A2-49E2-AEF8-8691BDCE08D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:desigo_cc_info_center:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A87EFCC4-4BC1-4FEA-BAA4-8FF221838EBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:e-car_operation_center:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B678380B-E95E-4A8B-A49D-D13B62AA454E",
"versionEndExcluding": "2021-12-13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:energy_engage:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4557476B-0157-44C2-BB50-299E7C7E1E72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:energyip:8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "991B2959-5AA3-4B68-A05A-42D9860FAA9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:energyip:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7E5948A0-CA31-41DF-85B6-1E6D09E5720B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:energyip:8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4C08D302-EEAC-45AA-9943-3A5F09E29FAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:energyip:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D53BA68C-B653-4507-9A2F-177CF456960F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:energyip_prepay:*:*:*:*:*:*:*:*",
"matchCriteriaId": "536C7527-27E6-41C9-8ED8-564DD0DC4EA0",
"versionEndExcluding": "3.8.0.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:gma-manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0E180527-5C36-4158-B017-5BEDC0412FD6",
"versionEndExcluding": "8.6.2j-398",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:head-end_system_universal_device_integration_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AFDADA98-1CD0-45DA-9082-BFC383F7DB97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:industrial_edge_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E33D707F-100E-4DE7-A05B-42467DE75EAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:industrial_edge_management_hub:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD3EAC80-44BE-41D2-8D57-0EE3DBA1E1B1",
"versionEndExcluding": "2021-12-13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:logo\\!_soft_comfort:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2AC8AB52-F4F4-440D-84F5-2776BFE1957A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:mendix:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6AF6D774-AC8C-49CA-A00B-A2740CA8FA91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:mindsphere:*:*:*:*:*:*:*:*",
"matchCriteriaId": "25FADB1B-988D-4DB9-9138-7542AFDEB672",
"versionEndExcluding": "2021-12-16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:navigator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48C6A61B-2198-4B9E-8BCF-824643C81EC3",
"versionEndExcluding": "2021-12-13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:nx:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BEE2F7A1-8281-48F1-8BFB-4FE0D7E1AEF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:opcenter_intelligence:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C07AFA19-21AE-4C7E-AA95-69599834C0EC",
"versionEndExcluding": "3.5",
"versionStartIncluding": "3.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:operation_scheduler:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74D1F4AD-9A60-4432-864F-4505B3C60659",
"versionEndIncluding": "1.1.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sentron_powermanager:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7ABA5332-8D1E-4129-A557-FCECBAC12827",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sentron_powermanager:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9C3AA865-5570-4C8B-99DE-431AD7B163F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:siguard_dsa:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9A4B950B-4527-491B-B111-046DB1CCC037",
"versionEndExcluding": "4.4.1",
"versionStartIncluding": "4.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sipass_integrated:2.80:*:*:*:*:*:*:*",
"matchCriteriaId": "83E77D85-0AE8-41D6-AC0C-983A8B73C831",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:sipass_integrated:2.85:*:*:*:*:*:*:*",
"matchCriteriaId": "02B28A44-3708-480D-9D6D-DDF8C21A15EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:siveillance_command:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2FC0A575-F771-4B44-A0C6-6A5FD98E5134",
"versionEndIncluding": "4.16.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:siveillance_control_pro:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6D1D6B61-1F17-4008-9DFB-EF419777768E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:siveillance_identity:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9772EE3F-FFC5-4611-AD9A-8AD8304291BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:siveillance_identity:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CF524892-278F-4373-A8A3-02A30FA1AFF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:siveillance_vantage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F30DE588-9479-46AA-8346-EA433EE83A5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:siveillance_viewpoint:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4941EAD6-8759-4C72-ABA6-259C0E838216",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:solid_edge_cam_pro:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF2708F-0BD9-41BF-8CB1-4D06C4EFB777",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:solid_edge_harness_design:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0762031C-DFF1-4962-AE05-0778B27324B9",
"versionEndExcluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:solid_edge_harness_design:2020:*:*:*:*:*:*:*",
"matchCriteriaId": "96271088-1D1B-4378-8ABF-11DAB3BB4DDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:solid_edge_harness_design:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "2595AD24-2DF2-4080-B780-BC03F810B9A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:solid_edge_harness_design:2020:sp2002:*:*:*:*:*:*",
"matchCriteriaId": "88096F08-F261-4E3E-9EEB-2AB0225CD6F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:spectrum_power_4:*:*:*:*:*:*:*:*",
"matchCriteriaId": "044994F7-8127-4F03-AA1A-B2AB41D68AF5",
"versionEndExcluding": "4.70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:spectrum_power_4:4.70:-:*:*:*:*:*:*",
"matchCriteriaId": "A6CB3A8D-9577-41FB-8AC4-0DF8DE6A519C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:spectrum_power_4:4.70:sp7:*:*:*:*:*:*",
"matchCriteriaId": "17B7C211-6339-4AF2-9564-94C7DE52EEB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:spectrum_power_4:4.70:sp8:*:*:*:*:*:*",
"matchCriteriaId": "DBCCBBBA-9A4F-4354-91EE-10A1460BBA3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:spectrum_power_7:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12F81F6B-E455-4367-ADA4-8A5EC7F4754A",
"versionEndExcluding": "2.30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:spectrum_power_7:2.30:*:*:*:*:*:*:*",
"matchCriteriaId": "A5EF509E-3799-4718-B361-EFCBA17AEEF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:spectrum_power_7:2.30:-:*:*:*:*:*:*",
"matchCriteriaId": "8CA31645-29FC-4432-9BFC-C98A808DB8CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:spectrum_power_7:2.30:sp2:*:*:*:*:*:*",
"matchCriteriaId": "BB424991-0B18-4FFC-965F-FCF4275F56C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:teamcenter:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1B209EFE-77F2-48CD-A880-ABA0A0A81AB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:vesys:*:*:*:*:*:*:*:*",
"matchCriteriaId": "72D238AB-4A1F-458D-897E-2C93DCD7BA6C",
"versionEndExcluding": "2019.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:vesys:2019.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9778339A-EA93-4D18-9A03-4EB4CBD25459",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:vesys:2019.1:-:*:*:*:*:*:*",
"matchCriteriaId": "1747F127-AB45-4325-B9A1-F3D12E69FFC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:vesys:2019.1:sp1912:*:*:*:*:*:*",
"matchCriteriaId": "18BBEF7C-F686-4129-8EE9-0F285CE38845",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:vesys:2020.1:-:*:*:*:*:*:*",
"matchCriteriaId": "264C7817-0CD5-4370-BC39-E1DF3E932E16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:vesys:2021.1:-:*:*:*:*:*:*",
"matchCriteriaId": "C7442C42-D493-46B9-BCC2-2C62EAD5B945",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:xpedition_enterprise:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD525494-2807-48EA-AED0-11B9CB5A6A9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:siemens:xpedition_package_integrator:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EDCBF98-A857-48BC-B04D-6F36A1975AA5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:computer_vision_annotation_tool:-:*:*:*:*:*:*:*",
"matchCriteriaId": "12A06BF8-E4DC-4389-8A91-8AC7598E0009",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:datacenter_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EAD1E1F3-F06B-4D17-8854-2CDA7E6D872D",
"versionEndExcluding": "5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:genomics_kernel_library:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18989EBC-E1FB-473B-83E0-48C8896C2E96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:oneapi_sample_browser:-:*:*:*:*:eclipse:*:*",
"matchCriteriaId": "EDE66B6C-25E5-49AE-B35F-582130502222",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:secure_device_onboard:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22BEE177-D117-478C-8EAD-9606DEDF9FD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:system_studio:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC619106-991C-413A-809D-C2410EBA4CDB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sonicwall:email_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CA7D45EF-18F7-43C6-9B51-ABAB7B0CA3CD",
"versionEndExcluding": "10.0.13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*",
"matchCriteriaId": "F3E0B672-3E06-4422-B2A4-0BD073AEC2A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*",
"matchCriteriaId": "B55E8D50-99B4-47EC-86F9-699B67D473CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:brocade_san_navigator:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25FA7A4D-B0E2-423E-8146-E221AE2D6120",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:cloud_insights:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26FCA75B-4282-4E0F-95B4-640A82C8E91C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:cloud_manager:-:*:*:*:*:*:*:*",
"matchCriteriaId": "197D0D80-6702-4B61-B681-AFDBA7D69067",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:cloud_secure_agent:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0F202E8-97E6-4BBB-A0B6-4CA3F5803C08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:ontap_tools:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "CBCC384C-5DF0-41AB-B17B-6E9B6CAE8065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "F3A48D58-4291-4D3C-9CEA-BF12183468A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:solidfire_\\\u0026_hci_storage_node:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D452B464-1200-4B72-9A89-42DC58486191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:solidfire_enterprise_sds:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5D18075A-E8D6-48B8-A7FA-54E336A434A2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:advanced_malware_protection_virtual_private_cloud_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E52AF19-0158-451B-8E36-02CB6406083F",
"versionEndExcluding": "3.5.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:automated_subsea_tuning:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB21CFB4-4492-4C5D-BD07-FFBE8B5D92B6",
"versionEndExcluding": "2.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:broadworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97426511-9B48-46F5-AC5C-F9781F1BAE2F",
"versionEndExcluding": "2021.11_1.162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:business_process_automation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "82306B9F-AE97-4E29-A8F7-2E5BA52998A7",
"versionEndExcluding": "3.0.000.115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:business_process_automation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4C903C85-DC0F-47D8-B8BE-7A666877B017",
"versionEndExcluding": "3.1.000.044",
"versionStartIncluding": "3.1.000.000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:business_process_automation:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E4C6F9E0-5DCE-431D-AE7E-B680AC1F9332",
"versionEndExcluding": "3.2.000.009",
"versionStartIncluding": "3.2.000.000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:cloud_connect:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52CF6199-8028-4076-952B-855984F30129",
"versionEndExcluding": "12.6\\(1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:cloudcenter:*:*:*:*:*:*:*:*",
"matchCriteriaId": "622BB8D9-AC81-4C0F-A5C5-C5E51F0BC0D1",
"versionEndExcluding": "4.10.0.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:cloudcenter_cost_optimizer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "38FB3CE1-5F62-4798-A825-4E3DB07E868F",
"versionEndExcluding": "5.5.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:cloudcenter_suite_admin:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29CDB878-B085-448E-AB84-25B1E2D024F8",
"versionEndExcluding": "5.3.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:cloudcenter_workload_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C25FDA96-9490-431F-B8B6-CC2CC272670E",
"versionEndExcluding": "5.5.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:common_services_platform_collector:*:*:*:*:*:*:*:*",
"matchCriteriaId": "51CD9E4C-9385-435C-AD18-6C36C8DF7B65",
"versionEndExcluding": "2.9.1.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:common_services_platform_collector:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FC0AC4C1-CB06-4084-BFBB-5B702C384C53",
"versionEndExcluding": "2.10.0.1",
"versionStartIncluding": "2.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:connected_mobile_experiences:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3871EBD2-F270-435A-B98C-A282E1C52693",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:contact_center_domain_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D4DF34B-E8C2-41C8-90E2-D119B50E4E7E",
"versionEndExcluding": "12.5\\(1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:contact_center_management_portal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C8EF64DA-73E4-4E5E-8F9A-B837C947722E",
"versionEndExcluding": "12.5\\(1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:crosswork_data_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "66E1E4FC-0B6E-4CFA-B003-91912F8785B2",
"versionEndExcluding": "2.0.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:crosswork_data_gateway:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1B2390C3-C319-4F05-8CF0-0D30F9931507",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:crosswork_network_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C154491E-06C7-48B0-AC1D-89BBDBDB902E",
"versionEndExcluding": "2.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:crosswork_network_controller:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1E98EC48-0CED-4E02-9CCB-06EF751F2BDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:crosswork_optimization_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C569DC2A-CFF6-4E13-A50C-E215A4F96D99",
"versionEndExcluding": "2.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:crosswork_optimization_engine:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "258A51AC-6649-4F67-A842-48A7AE4DCEE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:crosswork_platform_infrastructure:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8DC22505-DE11-4A1B-8C06-1E306419B031",
"versionEndExcluding": "4.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:crosswork_platform_infrastructure:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9E31AC54-B928-48B5-8293-F5F4A7A8C293",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:crosswork_zero_touch_provisioning:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5B8AE870-6FD0-40D2-958B-548E2D7A7B75",
"versionEndExcluding": "2.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:crosswork_zero_touch_provisioning:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "68E7D83B-B6AC-45B1-89A4-D18D7A6018DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:customer_experience_cloud_agent:*:*:*:*:*:*:*:*",
"matchCriteriaId": "17660B09-47AA-42A2-B5FF-8EBD8091C661",
"versionEndExcluding": "1.12.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:cyber_vision_sensor_management_extension:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FBEF9A82-16AE-437A-B8CF-CC7E9B6C4E44",
"versionEndExcluding": "4.0.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:data_center_network_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "843147AE-8117-4FE9-AE74-4E1646D55642",
"versionEndExcluding": "11.3\\(1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:data_center_network_manager:11.3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7EB871C9-CA14-4829-AED3-CC2B35E99E92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:dna_center:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4FF8A83D-A282-4661-B133-213A8838FB27",
"versionEndExcluding": "2.1.2.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:dna_center:*:*:*:*:*:*:*:*",
"matchCriteriaId": "139CDAA5-63E9-4E56-AF72-745BD88E4B49",
"versionEndExcluding": "2.2.2.8",
"versionStartIncluding": "2.2.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:dna_center:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01FD99C4-BCB1-417E-ADCE-73314AD2E857",
"versionEndExcluding": "2.2.3.4",
"versionStartIncluding": "2.2.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:dna_spaces\\:_connector:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9031BE8A-646A-4581-BDE5-750FB0CE04CB",
"versionEndExcluding": "2.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:emergency_responder:*:*:*:*:*:*:*:*",
"matchCriteriaId": "15BED3E2-46FF-4E58-8C5D-4D8FE5B0E527",
"versionEndExcluding": "11.5\\(4\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:enterprise_chat_and_email:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C950436-2372-4C4B-9B56-9CB48D843045",
"versionEndExcluding": "12.0\\(1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B61F186-D943-4711-B3E0-875BB570B142",
"versionEndIncluding": "4.1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2A285C40-170D-4C95-8031-2C6E4D5FB1D4",
"versionEndExcluding": "12.6\\(1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.6\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3C0F02B5-AA2A-48B2-AE43-38B45532C563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:fog_director:-:*:*:*:*:*:*:*",
"matchCriteriaId": "830BDB28-963F-46C3-8D50-638FDABE7F64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "54553C65-6BFA-40B1-958D-A4E3289D6B1D",
"versionEndExcluding": "2.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine:2.4.0:-:*:*:*:*:*:*",
"matchCriteriaId": "439948AD-C95D-4FC3-ADD1-C3D241529F12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9C2002AE-0F3C-4A06-9B9A-F77A9F700EB2",
"versionEndExcluding": "2.3.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:intersight_virtual_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "596A986D-E7DC-4FC4-A776-6FE87A91D7E4",
"versionEndExcluding": "1.0.9-361",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:iot_operations_dashboard:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD93434E-8E75-469C-B12B-7E2B6EDCAA79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_assurance_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "78684844-4974-41AD-BBC1-961F60025CD2",
"versionEndExcluding": "6.0.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3A00D235-FC9C-4EB7-A16C-BB0B09802E61",
"versionEndExcluding": "5.3.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C60FDD1B-898E-4FCB-BDE2-45A7CBDBAF4F",
"versionEndExcluding": "5.4.5.2",
"versionStartIncluding": "5.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E7A33E5F-BBC7-4917-9C63-900248B546D9",
"versionEndExcluding": "5.5.4.1",
"versionStartIncluding": "5.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_services_orchestrator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "12D98A7C-4992-4E58-A6BD-3D8173C8F2B0",
"versionEndExcluding": "5.6.3.1",
"versionStartIncluding": "5.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:nexus_dashboard:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E2DDC1AF-31B5-4F05-B84F-8FD23BE163DA",
"versionEndExcluding": "2.1.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:nexus_insights:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A4540CF6-D33E-4D33-8608-11129D6591FA",
"versionEndExcluding": "6.0.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:optical_network_controller:*:*:*:*:*:*:*:*",
"matchCriteriaId": "129A7615-99E7-41F8-8EBC-CEDA10AD89AD",
"versionEndExcluding": "1.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:packaged_contact_center_enterprise:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5F46A7AC-C133-442D-984B-BA278951D0BF",
"versionEndExcluding": "11.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:packaged_contact_center_enterprise:11.6\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A1A75AB6-C3A7-4299-B35A-46A4BCD00816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:paging_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0A73E888-C8C2-4AFD-BA60-566D45214BCA",
"versionEndExcluding": "14.4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_service_catalog:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B0D0FD0-ABC6-465F-AB8D-FA8788B1B2DD",
"versionEndExcluding": "12.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D673F6F7-C42A-4538-96F0-34CB4F0CB080",
"versionEndExcluding": "20.3.4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FD374819-3CED-4260-90B6-E3C1333EAAD2",
"versionEndExcluding": "20.4.2.1",
"versionStartIncluding": "20.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D2D89973-94AF-4BE7-8245-275F3FEB30F4",
"versionEndExcluding": "20.5.1.1",
"versionStartIncluding": "20.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*",
"matchCriteriaId": "91A9A889-2C2B-4147-8108-C35291761C15",
"versionEndExcluding": "20.6.2.1",
"versionStartIncluding": "20.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:smart_phy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D0EEA1EC-C63C-4C7D-BFAE-BA4556332242",
"versionEndExcluding": "3.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ucs_central:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ACE22D97-42FA-4179-99E5-C2EE582DB7FF",
"versionEndExcluding": "2.0\\(1p\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ucs_director:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B5DB6D-9E7D-4403-8028-D7DA7493716B",
"versionEndExcluding": "6.8.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:-:*:*:*",
"matchCriteriaId": "B98D7AD5-0590-43FB-8AC0-376C9C500C15",
"versionEndExcluding": "11.5\\(1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:session_management:*:*:*",
"matchCriteriaId": "D9DA1900-9972-4DFD-BE2E-74DABA1ED9A9",
"versionEndExcluding": "11.5\\(1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "42A41C41-A370-4C0E-A49D-AD42B2F3FB5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\):*:*:*:-:*:*:*",
"matchCriteriaId": "7E958AFF-185D-4D55-B74B-485BEAEC42FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\):*:*:*:session_management:*:*:*",
"matchCriteriaId": "F770709C-FFB2-4A4E-A2D8-2EAA23F2E87C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\)su3:*:*:*:*:*:*:*",
"matchCriteriaId": "B85B81F9-8837-426E-8639-AB0712CD1A96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C1CCCD27-A247-4720-A2FE-C8ED55D1D0DE",
"versionEndExcluding": "11.5\\(1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:11.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "34D89C42-AAD9-4B04-9F95-F77681E39553",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:*:*:*:*:*:*:*:*",
"matchCriteriaId": "897C8893-B0B6-4D6E-8D70-31B421D80B9A",
"versionEndExcluding": "11.6\\(2\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:11.6\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "91D62A73-21B5-4D16-A07A-69AED2D40CC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0492049-D3AC-4512-A4BF-C9C26DA72CB0",
"versionEndExcluding": "12.5\\(1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_customer_voice_portal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3868A8AA-6660-4332-AB0C-089C150D00E7",
"versionEndExcluding": "11.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_customer_voice_portal:11.6:*:*:*:*:*:*:*",
"matchCriteriaId": "58BD72D6-4A79-49C9-9652-AB0136A591FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_customer_voice_portal:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A32761FD-B435-4E51-807C-2B245857F90E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_customer_voice_portal:12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "154F7F71-53C5-441C-8F5C-0A82CB0DEC43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_intelligence_center:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8BD68514-1566-4E7C-879C-76D35084F7BE",
"versionEndExcluding": "12.6\\(1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unity_connection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "65FD3873-2663-4C49-878F-7C65D4B8E455",
"versionEndExcluding": "11.5\\(1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:video_surveillance_operations_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0886FB04-24AA-4995-BA53-1E44F94E114E",
"versionEndExcluding": "7.14.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:virtual_topology_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C61805C1-1F73-462C-A9CA-BB0CA4E57D0B",
"versionEndExcluding": "2.6.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:virtualized_infrastructure_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5EB39834-0F6D-4BD7-AFEC-DD8BEE46DA50",
"versionEndExcluding": "3.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:virtualized_infrastructure_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0B78DD21-15F2-47A4-8A99-6DB6756920AC",
"versionEndExcluding": "3.4.4",
"versionStartIncluding": "3.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:virtualized_voice_browser:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C6222EB-36E1-4CD5-BD69-5A921ED5DA6A",
"versionEndExcluding": "12.5\\(1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wan_automation_engine:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C200CABD-F91B-49C4-A262-C56370E44B4C",
"versionEndExcluding": "7.3.0.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_meetings_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE22BE9B-374E-43DC-BA91-E3B9699A4C7C",
"versionEndExcluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_meetings_server:3.0:-:*:*:*:*:*:*",
"matchCriteriaId": "61D1081F-87E8-4E8B-BEBD-0F239E745586",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release1:*:*:*:*:*:*",
"matchCriteriaId": "8D138973-02B0-4FEC-A646-FF1278DA1EDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release2:*:*:*:*:*:*",
"matchCriteriaId": "30B55A5B-8C5E-4ECB-9C85-A8A3A3030850",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3:*:*:*:*:*:*",
"matchCriteriaId": "14DBEC10-0641-441C-BE15-8F72C1762DCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3:-:*:*:*:*:*",
"matchCriteriaId": "205C1ABA-2A4F-480F-9768-7E3EC43B03F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3_security_patch4:*:*:*:*:*:*",
"matchCriteriaId": "D36FE453-C43F-448B-8A59-668DE95468C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3_security_patch5:*:*:*:*:*:*",
"matchCriteriaId": "E8DF0944-365F-4149-9059-BDFD6B131DC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3_service_pack_2:*:*:*:*:*:*",
"matchCriteriaId": "6B37AA08-13C7-4FD0-8402-E344A270C8F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3_service_pack_3:*:*:*:*:*:*",
"matchCriteriaId": "2AA56735-5A5E-4D8C-B09D-DBDAC2B5C8E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release4:*:*:*:*:*:*",
"matchCriteriaId": "4646849B-8190-4798-833C-F367E28C1881",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_meetings_server:4.0:-:*:*:*:*:*:*",
"matchCriteriaId": "4D6CF856-093A-4E89-A71D-50A2887C265B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_meetings_server:4.0:maintenance_release1:*:*:*:*:*:*",
"matchCriteriaId": "B36A9043-0621-43CD-BFCD-66529F937859",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_meetings_server:4.0:maintenance_release2:*:*:*:*:*:*",
"matchCriteriaId": "8842B42E-C412-4356-9F54-DFC53B683D3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_meetings_server:4.0:maintenance_release3:*:*:*:*:*:*",
"matchCriteriaId": "D25BC647-C569-46E5-AD45-7E315EBEB784",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:workload_optimization_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B468EDA1-CDEF-44D4-9D62-C433CF27F631",
"versionEndExcluding": "3.2.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:unified_sip_proxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9E4905E2-2129-469C-8BBD-EDA258815E2B",
"versionEndExcluding": "10.2.1v2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:unified_workforce_optimization:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC86AC6C-7C08-4EB9-A588-A034113E4BB1",
"versionEndExcluding": "11.5\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FFE3880-4B85-4E23-9836-70875D5109F7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_1120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "727A02E8-40A1-4DFE-A3A2-91D628D3044F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_1140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F6546E-28F4-40DC-97D6-E0E023FE939B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_1150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB3B0EC3-4654-4D90-9D41-7EC2AD1DDF99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52D96810-5F79-4A83-B8CA-D015790FCF72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16FE2945-4975-4003-AE48-7E134E167A7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "976901BF-C52C-4F81-956A-711AF8A60140",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*",
"matchCriteriaId": "957D64EB-D60E-4775-B9A8-B21CA48ED3B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A694AD51-9008-4AE6-8240-98B17AB527EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38AE6DC0-2B03-4D36-9856-42530312CC46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71DCEF22-ED20-4330-8502-EC2DD4C9838F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3DB2822B-B752-4CD9-A178-934957E306B4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81F4868A-6D62-479C-9C19-F9AABDBB6B24",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65378F3A-777C-4AE2-87FB-1E7402F9EA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DAFDDA-718B-4B69-A524-B0CEB80FE960",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:fxos:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "82C8AD48-0130-4C20-ADEC-697668E2293B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:fxos:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4E75EF7C-8D71-4D70-91F0-74FC99A90CC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:fxos:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2DB7EE7D-8CB4-4804-9F9D-F235608E86E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:fxos:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "77571973-2A94-4E15-AC5B-155679C3C565",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:fxos:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CA405A50-3F31-48ED-9AF1-4B02F5B367DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:fxos:6.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D3753953-04E8-4382-A6EC-CD334DD83CF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:fxos:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A5F89F-1296-4A0F-A36D-082A481F190F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:fxos:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F50F48AF-44FF-425C-9685-E386F956C901",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:automated_subsea_tuning:02.01.00:*:*:*:*:*:*:*",
"matchCriteriaId": "A4D28E76-56D4-4C9A-A660-7CD7E0A1AC9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:broadworks:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD975A0E-00A6-475E-9064-1D64E4291499",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:cloudcenter_suite:4.10\\(0.15\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2E50AC21-DA54-4BC8-A503-1935FD1714C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:cloudcenter_suite:5.3\\(0\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4D05E169-4AF1-4127-A917-056EC2CE781B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:cloudcenter_suite:5.4\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8AD415A2-422E-4F15-A177-C3696FEAFF0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:cloudcenter_suite:5.5\\(0\\):*:*:*:*:*:*:*",
"matchCriteriaId": "134443B7-7BA8-4B50-8874-D4BF931BECFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:cloudcenter_suite:5.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "73ADF6EA-CD29-4835-8D72-84241D513AFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(000.000\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BAC1A386-04C7-45B2-A883-1CD9AB60C14B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(000.001\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3F0F1639-D69E-473A-8926-827CCF73ACC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(000.002\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F4FDF900-E9D6-454A-BF6B-821620CA59F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(001.000\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1859BD43-BA2B-45A5-B523-C6BFD34C7B01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(001.001\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1EBC145C-9A2F-4B76-953E-0F690314511C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:common_services_platform_collector:002.009\\(001.002\\):*:*:*:*:*:*:*",
"matchCriteriaId": "158B7A53-FEC1-4B42-A1E2-E83E99564B07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:common_services_platform_collector:002.010\\(000.000\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3A378971-1A08-4914-B012-8E24DCDEFC68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:006.004.000.003:*:*:*:*:*:*:*",
"matchCriteriaId": "4E5CC012-DC85-481A-B82A-9323C19674DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:006.005.000.:*:*:*:*:*:*:*",
"matchCriteriaId": "76CF59ED-685D-46CD-80A2-AEDA4F03FE53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:006.005.000.000:*:*:*:*:*:*:*",
"matchCriteriaId": "960B07C0-E205-47E7-B578-46A0AF559D04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.000.001:*:*:*:*:*:*:*",
"matchCriteriaId": "A1A194E1-405E-47FA-8CDF-58EB78883ACC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.001.000:*:*:*:*:*:*:*",
"matchCriteriaId": "2E628231-61FB-40AF-A20B-00F5CB78E63B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.002.000:*:*:*:*:*:*:*",
"matchCriteriaId": "2EA25E92-2C76-4722-BA06-53F33C0D961C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "51D2940A-0D03-415B-B72E-1F6862DDAC41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.003.000:*:*:*:*:*:*:*",
"matchCriteriaId": "8B346ADC-00BE-4409-B658-A11351D2A7D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.003.001.001:*:*:*:*:*:*:*",
"matchCriteriaId": "5A0E44A9-C427-493B-868A-8A8DA405E759",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:007.003.003:*:*:*:*:*:*:*",
"matchCriteriaId": "B2B31E7C-0EB3-4996-8859-DF94A3EE20B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:008.000.000:*:*:*:*:*:*:*",
"matchCriteriaId": "3EAB3E03-275F-4942-9396-FC7A22F42C8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:connected_analytics_for_network_deployment:008.000.000.000.004:*:*:*:*:*:*:*",
"matchCriteriaId": "19DAD751-D170-4914-BAB2-6054DFEEF404",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:crosswork_network_automation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F429F37-3576-4D8A-9901-359D65EC3CF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:crosswork_network_automation:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F526DEF1-4A3E-4FE1-8153-E9252DAE5B92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:crosswork_network_automation:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C19679D0-F4DC-4130-AFFD-692E5130531A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:crosswork_network_automation:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "60D2FBF3-D8AB-41F0-B170-9E56FBF7E2F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:crosswork_network_automation:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F60324DD-8450-4B14-A7A1-0D5EA5163580",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:cx_cloud_agent:001.012:*:*:*:*:*:*:*",
"matchCriteriaId": "12F6DFD1-273B-4292-A22C-F2BE0DD3FB3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:cyber_vision:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "13EA024C-97A4-4D33-BC3E-51DB77C51E76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:cyber_vision_sensor_management_extension:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "85289E35-C7C2-46D0-9BDC-10648DD2C86F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:dna_center:2.2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "17282822-C082-4FBC-B46D-468DCF8EF6B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:dna_spaces:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5463DA6-5D44-4C32-B46C-E8A2ADD7646B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:dna_spaces_connector:-:*:*:*:*:*:*:*",
"matchCriteriaId": "54A237CF-A439-4114-AF81-D75582F29573",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:emergency_responder:11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A37D19BF-E4F5-4AF4-8942-0C3B62C4BF2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:emergency_responder:11.5\\(4.65000.14\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EF25688B-6659-4C7C-866D-79AA1166AD7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:emergency_responder:11.5\\(4.66000.14\\):*:*:*:*:*:*:*",
"matchCriteriaId": "47B70741-90D9-4676-BF16-8A21E147F532",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:enterprise_chat_and_email:12.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "ED862A1B-E558-4D44-839C-270488E735BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:enterprise_chat_and_email:12.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2678AF98-1194-4810-9933-5BA50E409F88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:enterprise_chat_and_email:12.6\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "37E7DEBD-9E47-4D08-86BC-D1B013450A98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1A935862-18F7-45FE-B647-1A9BA454E304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "69594997-2568-4C10-A411-69A50BFD175F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1EC39E2D-C47B-4311-BC7B-130D432549F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EE5E6CBE-D82C-4001-87CB-73DF526F0AB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "460E6456-0E51-45BC-868E-DEEA5E3CD366",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:evolved_programmable_network_manager:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F7F58659-A318-42A0-83C5-8F09FCD78982",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.5\\(1\\):su1:*:*:*:*:*:*",
"matchCriteriaId": "D8A49E46-8501-4697-A17A-249A7D9F5A0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.5\\(1\\):su2:*:*:*:*:*:*",
"matchCriteriaId": "5D81E7A9-0C2B-4603-91F0-ABF2380DBBA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.6\\(1\\):-:*:*:*:*:*:*",
"matchCriteriaId": "4DFCE723-9359-40C7-BA35-B71BDF8E3CF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.6\\(1\\):es01:*:*:*:*:*:*",
"matchCriteriaId": "28B1524E-FDCA-4570-86DD-CE396271B232",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.6\\(1\\):es02:*:*:*:*:*:*",
"matchCriteriaId": "74DC6F28-BFEF-4D89-93D5-10072DAC39C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:12.6\\(1\\):es03:*:*:*:*:*:*",
"matchCriteriaId": "BA1D60D7-1B4A-4EEE-A26C-389D9271E005",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1D726F07-06F1-4B0A-B010-E607E0C2A280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3ED58B0E-FCC7-48E3-A5C0-6CC54A38BAE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B2DF0B07-8C2A-4341-8AFF-DE7E5E5B3A43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "41E168ED-D664-4749-805E-77644407EAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "85F22403-B4EE-4303-9C94-915D3E0AC944",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D619BF54-1BA9-45D0-A876-92D7010088A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine:002.004\\(000.914\\):-:*:*:*:*:*:*",
"matchCriteriaId": "808F8065-BD3A-4802-83F9-CE132EDB8D34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine:002.006\\(000.156\\):-:*:*:*:*:*:*",
"matchCriteriaId": "B236B13E-93B9-424E-926C-95D3DBC6CA5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine:002.007\\(000.356\\):-:*:*:*:*:*:*",
"matchCriteriaId": "8A63CC83-0A6E-4F33-A1BE-214A33B51518",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine:003.000\\(000.458\\):-:*:*:*:*:*:*",
"matchCriteriaId": "37DB7759-6529-46DE-B384-10F060D86A97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine:003.001\\(000.518\\):-:*:*:*:*:*:*",
"matchCriteriaId": "8C640AD9-146E-488A-B166-A6BB940F97D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine:003.002\\(000.116\\):-:*:*:*:*:*:*",
"matchCriteriaId": "DAC1FA7E-CB1B-46E5-A248-ABACECFBD6E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:002.003\\(002.000\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7C3BD5AF-9FC1-494B-A676-CC3D4B8EAC8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:integrated_management_controller_supervisor:2.3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F477CACA-2AA0-417C-830D-F2D3AE93153A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:intersight_virtual_appliance:1.0.9-343:*:*:*:*:*:*:*",
"matchCriteriaId": "7E3BE5E1-A6B6-46C7-B93B-8A9F5AEA2731",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:mobility_services_engine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04E0BB7B-0716-4DBD-89B9-BA11AAD77C00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_assurance_engine:6.0\\(2.1912\\):*:*:*:*:*:*:*",
"matchCriteriaId": "64C98A76-0C31-45E7-882B-35AE0D2C5430",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "379F8D86-BE87-4250-9E85-494D331A0398",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "71F69E51-E59D-4AE3-B242-D6D2CFDB3F46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "578DA613-8E15-4748-A4B7-646415449609",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "544EFAD6-CE2F-4E1D-9A00-043454B72889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.4\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2E16DF9C-3B64-4220-82B6-6E20C7807BAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B9CD5B8A-9846-48F1-9495-77081E44CBFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.5\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "68E6CD49-6F71-4E17-B046-FBE91CE91CB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_dashboard_fabric_controller:11.5\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0BDD8018-7E77-4C89-917E-ACDC678A7DE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_insights_for_data_center:6.0\\(2.1914\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A7D39156-A47D-405E-8C02-CAE7D637F99A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_services_orchestrator:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5426FC59-411D-4963-AFEF-5B55F68B8958",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:optical_network_controller:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "810E9A92-4302-4396-94D3-3003947DB2A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:paging_server:8.3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "522C36A5-7520-4368-BD92-9AB577756493",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:paging_server:8.4\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CB2EC4BE-FFAF-4605-8A96-2FEF35975540",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:paging_server:8.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CA1D3C2A-E5FA-400C-AC01-27A3E5160477",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:paging_server:9.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "63B27050-997B-4D54-8E5A-CE9E33904318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:paging_server:9.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5ABF05B8-1B8A-4CCF-A1AD-D8602A247718",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:paging_server:9.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2F74580D-0011-4ED9-9A00-B4CDB6685154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:paging_server:12.5\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "17A3C22E-1980-49B6-8985-9FA76A77A836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:paging_server:14.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B1AB42DC-CE58-448A-A6B5-56F31B15F4A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_service_catalog:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9DC32B55-0C76-4669-8EAD-DCC16355E887",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:20.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6CDA737F-337E-4C30-B68D-EF908A8D6840",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:20.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9DC5A89C-CCCF-49EC-B4FC-AB98ACB79233",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:20.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4BA4F513-CBA1-4523-978B-D498CEDAE0CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:20.6:*:*:*:*:*:*:*",
"matchCriteriaId": "6C53C6FD-B98E-4F7E-BA4D-391C90CF9E83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:20.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D00F6719-2C73-4D8D-8505-B9922E8A4627",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:20.7:*:*:*:*:*:*:*",
"matchCriteriaId": "EFE9210F-39C5-4828-9608-6905C1D378D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:20.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A1CEDCE4-CFD1-434B-B157-D63329CBA24A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:smart_phy:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "33660EB8-2984-4258-B8AD-141B7065C85E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:smart_phy:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0ACA346D-5103-47F0-8BD9-7A8AD9B92E98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:smart_phy:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A38BDF03-23C8-4BB6-A44D-68818962E7CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:smart_phy:3.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3104C099-FEDA-466B-93CC-D55F058F7CD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:smart_phy:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "890EA1C7-5990-4C71-857F-197E6F5B4089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:smart_phy:21.3:*:*:*:*:*:*:*",
"matchCriteriaId": "56F21CF4-83FE-4529-9871-0FDD70D3095E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ucs_central_software:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B9331834-9EAD-46A1-9BD4-F4027E49D0C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0E707E44-12CD-46C3-9124-639D0265432E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2FEE8482-DB64-4421-B646-9E5F560D1712",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4385CE6E-6283-4621-BBD9-8E66E2A34843",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9A6CDBD4-889B-442D-B272-C8E9A1B6AEC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FF1E59F9-CF4F-4EFB-872C-5F503A04CCF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1f\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1782219F-0C3D-45B7-80C7-D1DAA70D90B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1g\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DDAB3BAD-1EC6-4101-A58D-42DA48D04D0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1h\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8F7AA674-6BC2-490F-8D8A-F575B11F4BE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1k\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6945C4DE-C070-453E-B641-2F5B9CFA3B6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ucs_central_software:2.0\\(1l\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DAB8C7C0-D09B-4232-A88E-57D25AF45457",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1.17900.52\\):*:*:*:*:*:*:*",
"matchCriteriaId": "ACEDB7B4-EBD4-4A37-9EE3-07EE3B46BE44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1.18119.2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "820D579C-AA45-4DC1-945A-748FFCD51CA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1.18900.97\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7B23A9A6-CD04-4D76-BE3F-AFAFBB525F5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1.21900.40\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A44E6007-7A3A-4AD3-9A65-246C59B73FB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1.22900.28\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3D508E51-4075-4E34-BB7C-65AF9D56B49F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager_im_\\\u0026_presence_service:11.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "376D06D5-D68E-4FF0-97E5-CBA2165A05CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager_im_\\\u0026_presence_service:11.5\\(1.22900.6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "18ED6B8F-2064-4BBA-A78D-4408F13C724D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_computing_system:006.008\\(001.000\\):*:*:*:*:*:*:*",
"matchCriteriaId": "94091FE3-AB88-4CF5-8C4C-77B349E716A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:11.6\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "91D62A73-21B5-4D16-A07A-69AED2D40CC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:12.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "53F1314A-9A2C-43DC-8203-E4654EF013CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:12.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0ADE468B-8F0C-490D-BB4C-358D947BA8E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:12.6\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "32FEE78D-309E-491D-9AB6-98005F1CBF49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:12.6\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "878D9901-675D-4444-B094-0BA505E7433F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\):-:*:*:*:*:*:*",
"matchCriteriaId": "66E25EE4-AB7B-42BF-A703-0C2E83E83577",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.5\\(1\\):su1:*:*:*:*:*:*",
"matchCriteriaId": "D8F35520-F04A-4863-A1BC-0EDD2D1804F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.6\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EF9855FD-7747-4D9E-9542-703B1EC9A382",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:12.6\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E07AF386-D8A5-44F5-A418-940C9F88A36A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_management_portal:12.6\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "113C77DA-AC22-4D67-9812-8510EFC0A95F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_customer_voice_portal:11.6\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4BE221AB-A3B0-4CFF-9BC0-777773C2EF63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_customer_voice_portal:12.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "15941265-1E7E-4C3E-AF1D-027C5E0D3141",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_customer_voice_portal:12.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "54AA2B0C-92A1-4B53-88D7-6E31120F5041",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_customer_voice_portal:12.6\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F9BD7207-85FB-4484-8720-4D11F296AC10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(1\\):-:*:*:*:*:*:*",
"matchCriteriaId": "62E009C4-BE3E-4A14-91EF-8F667B2220A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(1\\):es01:*:*:*:*:*:*",
"matchCriteriaId": "088512E1-434D-4685-992E-192A98ECAD9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(1\\):es02:*:*:*:*:*:*",
"matchCriteriaId": "50A7BBC6-077C-4182-AA7A-577C4AAC3CD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_intelligence_center:12.6\\(2\\):-:*:*:*:*:*:*",
"matchCriteriaId": "E0536F45-3A49-4F93-942E-AF679DFC7017",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_sip_proxy:010.000\\(000\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3D54794B-6CD5-46D7-B9E9-62A642143562",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_sip_proxy:010.000\\(001\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BE844DCA-FF52-43F5-BDD9-836A812A8CFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_sip_proxy:010.002\\(000\\):*:*:*:*:*:*:*",
"matchCriteriaId": "07B261EB-CA63-4796-BD15-A6770FD68B34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_sip_proxy:010.002\\(001\\):*:*:*:*:*:*:*",
"matchCriteriaId": "29F9067A-B86C-4A6B-ACB7-DB125E04B795",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_workforce_optimization:11.5\\(1\\):sr7:*:*:*:*:*:*",
"matchCriteriaId": "FAC4CC92-8BA0-4D96-9C48-5E311CDED53F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unity_connection:11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8F2437A5-217A-4CD1-9B72-A31BDDC81F42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unity_connection:11.5\\(1.10000.6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9C3CFF0D-BD70-4353-AE2F-6C55F8DE56A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:video_surveillance_manager:7.14\\(1.26\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2CE47760-0E71-4FCA-97D1-CF0BB71CAC17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:video_surveillance_manager:7.14\\(2.26\\):*:*:*:*:*:*:*",
"matchCriteriaId": "89B2D4F5-CB86-4B25-8C14-CED59E8A3F22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:video_surveillance_manager:7.14\\(3.025\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B150B636-6267-4504-940F-DC37ABEFB082",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:video_surveillance_manager:7.14\\(4.018\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D00B9911-A7CA-467E-B7A3-3AF31828D5D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:virtual_topology_system:2.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B67C08C3-412F-4B7F-B98C-EEAEE77CBE4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wan_automation_engine:7.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6D428C9B-53E1-4D26-BB4D-57FDE02FA613",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wan_automation_engine:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CDB41596-FACF-440A-BB6C-8CAD792EC186",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wan_automation_engine:7.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8C88EE2-5702-4E8B-A144-CB485435FD62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wan_automation_engine:7.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC62844-C608-4DB1-A1AD-C1B55128C560",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wan_automation_engine:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EFF2FFA4-358A-4F33-BC67-A9EF8A30714E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wan_automation_engine:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "53C0BBDE-795E-4754-BB96-4D6D4B5A804F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wan_automation_engine:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7A41E377-16F9-423F-8DC2-F6EDD54E1069",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wan_automation_engine:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F0C2789E-255B-45D9-9469-B5B549A01F53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_meetings_server:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAFEC61-2128-4BFA-992D-54742BD4911A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_meetings_server:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F12AF70E-2201-4F5D-A929-A1A057B74252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:snowsoftware:snow_commander:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A2CBCDC4-02DF-47F4-A01C-7CBCB2FF0163",
"versionEndExcluding": "8.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:snowsoftware:vm_access_proxy:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C42D44C8-9894-4183-969B-B38FDA1FEDF9",
"versionEndExcluding": "3.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:bentley:synchro:*:*:*:*:pro:*:*:*",
"matchCriteriaId": "452D8730-F273-4AB4-9221-E82EC2CAAFD8",
"versionEndExcluding": "6.2.4.2",
"versionStartIncluding": "6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bentley:synchro_4d:*:*:*:*:pro:*:*:*",
"matchCriteriaId": "F2EF5054-EECB-4489-B27A-AACB96B25B97",
"versionEndExcluding": "6.4.3.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:percussion:rhythmyx:*:*:*:*:*:*:*:*",
"matchCriteriaId": "16E0A04D-30BE-4AB3-85A1-13AF614C425C",
"versionEndIncluding": "7.3.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0755E91-2F36-4EC3-8727-E8BF0427E663",
"versionEndExcluding": "13.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects."
},
{
"lang": "es",
"value": "Las caracter\u00edsticas JNDI de Apache Log4j2 2.0-beta9 hasta 2.15.0 (excluyendo las versiones de seguridad 2.12.2, 2.12.3 y 2.3.1) utilizadas en la configuraci\u00f3n, los mensajes de registro y los par\u00e1metros no protegen contra LDAP controlado por un atacante y otros puntos finales relacionados con JNDI. Un atacante que pueda controlar los mensajes de registro o los par\u00e1metros de los mensajes de registro puede ejecutar c\u00f3digo arbitrario cargado desde servidores LDAP cuando la sustituci\u00f3n de la b\u00fasqueda de mensajes est\u00e1 habilitada. A partir de la versi\u00f3n 2.15.0 de log4j, este comportamiento ha sido deshabilitado por defecto. A partir de la versi\u00f3n 2.16.0 (junto con las versiones 2.12.2, 2.12.3 y 2.3.1), esta funcionalidad se ha eliminado por completo. Tenga en cuenta que esta vulnerabilidad es espec\u00edfica de log4j-core y no afecta a log4net, log4cxx u otros proyectos de Apache Logging Services"
}
],
"id": "CVE-2021-44228",
"lastModified": "2025-10-27T17:40:33.680",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2021-12-10T10:15:09.143",
"references": [
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0028.html"
},
{
"source": "security@apache.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Information-Disclosure.html"
},
{
"source": "security@apache.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Code-Execution.html"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Word-Bypassing.html"
},
{
"source": "security@apache.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html"
},
{
"source": "security@apache.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0028.4.html"
},
{
"source": "security@apache.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Injection.html"
},
{
"source": "security@apache.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthenticated-Log4Shell-JNDI-Injection-Remote-Code-Execution.html"
},
{
"source": "security@apache.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7.10.x-Cross-Site-Scripting-Command-Injection.html"
},
{
"source": "security@apache.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/167917/MobileIron-Log4Shell-Remote-Command-Execution.html"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/171626/AD-Manager-Plus-7122-Remote-Code-Execution.html"
},
{
"source": "security@apache.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2022/Dec/2"
},
{
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2022/Jul/11"
},
{
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2022/Mar/23"
},
{
"source": "security@apache.org",
"tags": [
"Mailing List",
"Mitigation",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/10/1"
},
{
"source": "security@apache.org",
"tags": [
"Mailing List",
"Mitigation",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/10/2"
},
{
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/10/3"
},
{
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/13/1"
},
{
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/13/2"
},
{
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/14/4"
},
{
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/15/3"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/cisagov/log4j-affected-db"
},
{
"source": "security@apache.org",
"tags": [
"Broken Link",
"Product",
"US Government Resource"
],
"url": "https://github.com/cisagov/log4j-affected-db/blob/develop/SOFTWARE-LIST.md"
},
{
"source": "security@apache.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44228"
},
{
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00007.html"
},
{
"source": "security@apache.org",
"tags": [
"Release Notes"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB/"
},
{
"source": "security@apache.org",
"tags": [
"Release Notes"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU57UJDCFIASIO35GC55JMKSRXJMCDFM/"
},
{
"source": "security@apache.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"source": "security@apache.org",
"tags": [
"Patch",
"Third Party Advisory",
"Vendor Advisory"
],
"url": "https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20211210-0007/"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/kb/HT213189"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
},
{
"source": "security@apache.org",
"tags": [
"Broken Link",
"Exploit",
"Third Party Advisory"
],
"url": "https://twitter.com/kurtseifried/status/1469345530182455296"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0001"
},
{
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2021/dsa-5020"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/930724"
},
{
"source": "security@apache.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.nu11secur1ty.com/2021/12/cve-2021-44228.html"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/alert-cve-2021-44228.html"
},
{
"source": "security@apache.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"source": "security@apache.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0028.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Information-Disclosure.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Word-Bypassing.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0028.4.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Injection.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthenticated-Log4Shell-JNDI-Injection-Remote-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7.10.x-Cross-Site-Scripting-Command-Injection.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/167917/MobileIron-Log4Shell-Remote-Command-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/171626/AD-Manager-Plus-7122-Remote-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2022/Dec/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2022/Jul/11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2022/Mar/23"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Mitigation",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/10/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Mitigation",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/10/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/10/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/13/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/13/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/14/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/15/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/cisagov/log4j-affected-db"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Product",
"US Government Resource"
],
"url": "https://github.com/cisagov/log4j-affected-db/blob/develop/SOFTWARE-LIST.md"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44228"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU57UJDCFIASIO35GC55JMKSRXJMCDFM/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"Vendor Advisory"
],
"url": "https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20211210-0007/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/kb/HT213189"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Exploit",
"Third Party Advisory"
],
"url": "https://twitter.com/kurtseifried/status/1469345530182455296"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0001"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2021/dsa-5020"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.kb.cert.org/vuls/id/930724"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.nu11secur1ty.com/2021/12/cve-2021-44228.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/alert-cve-2021-44228.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-44228"
}
],
"sourceIdentifier": "security@apache.org",
"vulnStatus": "Undergoing Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
},
{
"lang": "en",
"value": "CWE-400"
},
{
"lang": "en",
"value": "CWE-502"
}
],
"source": "security@apache.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-917"
}
],
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
}
FKIE_CVE-2021-1575
Vulnerability from fkie_nvd - Published: 2021-07-08 19:15 - Updated: 2024-11-21 05:44
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
A vulnerability in the web-based management interface of Cisco Virtualized Voice Browser could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | virtualized_voice_browser | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:virtualized_voice_browser:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E535812-9D61-4FF9-98DB-0213D7E927F0",
"versionEndExcluding": "12.6\\(1\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Virtualized Voice Browser could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco Virtualized Voice Browser podr\u00eda permitir a un atacante remoto no autenticado realizar un ataque de tipo cross-site scripting (XSS) contra un usuario de la interfaz. Esta vulnerabilidad se presenta debido a que la interfaz de administraci\u00f3n basada en web no comprueba correctamente las entradas proporcionadas por el usuario. Un atacante podr\u00eda explotar esta vulnerabilidad convenciendo a un usuario de la interfaz afectada para que haga clic en un enlace dise\u00f1ado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar c\u00f3digo script arbitrario en el contexto de la interfaz afectada o acceder a informaci\u00f3n confidencial basada en el navegador"
}
],
"id": "CVE-2021-1575",
"lastModified": "2024-11-21T05:44:39.423",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-07-08T19:15:08.853",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vvb-xss-wG4zXRp3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vvb-xss-wG4zXRp3"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-6779
Vulnerability from fkie_nvd - Published: 2018-06-07 12:29 - Updated: 2025-07-31 15:03
Severity ?
Summary
Multiple Cisco products are affected by a vulnerability in local file management for certain system log files of Cisco collaboration products that could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition. The vulnerability occurs because a certain system log file does not have a maximum size restriction. Therefore, the file is allowed to consume the majority of available disk space on the appliance. An attacker could exploit this vulnerability by sending crafted remote connection requests to the appliance. Successful exploitation could allow the attacker to increase the size of a system log file so that it consumes most of the disk space. The lack of available disk space could lead to a DoS condition in which the application functions could operate abnormally, making the appliance unstable. This vulnerability affects the following Cisco Voice Operating System (VOS)-based products: Emergency Responder, Finesse, Hosted Collaboration Mediation Fulfillment, MediaSense, Prime License Manager, SocialMiner, Unified Communications Manager (UCM), Unified Communications Manager IM and Presence Service (IM&P - earlier releases were known as Cisco Unified Presence), Unified Communication Manager Session Management Edition (SME), Unified Contact Center Express (UCCx), Unified Intelligence Center (UIC), Unity Connection, Virtualized Voice Browser. This vulnerability also affects Prime Collaboration Assurance and Prime Collaboration Provisioning. Cisco Bug IDs: CSCvd10872, CSCvf64322, CSCvf64332, CSCvi29538, CSCvi29543, CSCvi29544, CSCvi29546, CSCvi29556, CSCvi29571, CSCvi31738, CSCvi31741, CSCvi31762, CSCvi31807, CSCvi31818, CSCvi31823.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:emergency_responder:*:*:*:*:*:*:*:*",
"matchCriteriaId": "57F71C50-5AEA-4C57-B40D-BD175CE99F61",
"versionEndExcluding": "10.5\\(1a\\)",
"versionStartIncluding": "10.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:emergency_responder:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EADE21CC-8C70-4270-9431-30C4213A8115",
"versionEndExcluding": "11.5\\(4\\)",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:emergency_responder:*:*:*:*:*:*:*:*",
"matchCriteriaId": "650A41E1-9A81-4C08-9DDF-9CDDC6E22202",
"versionEndExcluding": "12.0su1",
"versionStartIncluding": "12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:emergency_responder:11.0\\(1.10000.10\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6E73AED2-74FE-410F-835A-7BD9E5E6C7DE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:finesse:*:*:*:*:*:*:*:*",
"matchCriteriaId": "17A01F3E-24B2-4FE4-8466-6DE2EFA0530C",
"versionEndExcluding": "11.5\\(3\\)",
"versionStartIncluding": "11.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:finesse:9.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "359B9780-D7A7-467C-A665-573C62E981EB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:hosted_collaboration_mediation_fulfillment:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B834DBFE-9CB9-486C-8084-3735D0994D7F",
"versionEndExcluding": "11.5\\(3\\)",
"versionStartIncluding": "11.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:hosted_collaboration_mediation_fulfillment:9.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2D3EAC03-CB4A-423D-95BF-D7AB258CE2E0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:mediasense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8CEF5671-AEB6-442B-8D9F-242447410512",
"versionEndExcluding": "11.5su2",
"versionStartIncluding": "11.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:mediasense:9.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "37B3DC93-6772-4836-B969-3D8B0359D4AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:prime_collaboration_assurance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB04C20D-B989-4B4D-B5F9-C2067CC886E1",
"versionEndExcluding": "11.6_es16",
"versionStartIncluding": "11.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_collaboration_assurance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B92B3174-0187-4C3A-AFE7-2443FBAEA97E",
"versionEndExcluding": "12.1_es2",
"versionStartIncluding": "12.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:prime_collaboration_provisioning:12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2BDA7BD5-70AE-431C-8E92-171A84BAA77F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:prime_license_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA9960C4-874D-44DF-B686-9039179378F4",
"versionEndExcluding": "10.5.2",
"versionStartIncluding": "10.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_license_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "10FC0ED2-B2D2-4F52-B2B0-AC0DDCB430E9",
"versionEndExcluding": "11.5\\(1\\)su5",
"versionStartIncluding": "11.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:socialminer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F8F4EDF5-67A4-42E1-BCB3-DB36A74C15A7",
"versionEndExcluding": "11.6.1",
"versionStartIncluding": "11.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE65718F-D5E7-4FFA-985E-D0BCE395DBAE",
"versionEndExcluding": "10.5\\(2\\)su5",
"versionStartIncluding": "10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE99092A-3EB2-4F0B-8812-ECA6B67AA301",
"versionEndExcluding": "11.0\\(1a\\)su4",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8439C2DF-9F4B-40FE-8898-6331064026AA",
"versionEndExcluding": "11.5\\(1\\)su3",
"versionStartIncluding": "11.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:10.5\\(2.10000.5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "520555C7-5E9B-4C76-AAB5-5DD8B29D18F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:11.0\\(1.10000.10\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F47282B9-8B76-40E0-B72C-A6A196A37A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1.10000.6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "21BFC3A9-B6B1-49EE-A93A-6432BFE33E84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "05BD68E4-4296-49ED-B789-60B935210C28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:*:*:*:*:*:*:*:*",
"matchCriteriaId": "271E4847-9AF4-4DDC-82AB-3BE20F7A67F9",
"versionEndExcluding": "11.6\\(1\\)",
"versionStartIncluding": "11.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_contact_center_express:9.0\\(2\\)su1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "31FFF48A-B174-4FD6-9626-E81B5BAE3B43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_intelligence_center:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30B24C3F-B602-42B6-95E8-C1E4B247A28D",
"versionEndExcluding": "11.6\\(1\\)",
"versionStartIncluding": "11.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_intelligence_center:9.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1D8337AC-7B8F-42E0-A714-ACD569C0CA77",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unity_connection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4F1EF97D-52BC-4A60-9A73-09BFAAD05DAD",
"versionEndExcluding": "10.5su5",
"versionStartIncluding": "10.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unity_connection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DFD34725-568D-4612-A84F-FF524D57F0E4",
"versionEndExcluding": "11.5.1su3",
"versionStartIncluding": "11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unity_connection:9.5\\(0.9\\)tt0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C5B4499-83A3-461B-AC8C-45BEABCBA1CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unity_connection:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "65D225AB-813B-4182-8916-0FE8307BB18B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:virtualized_voice_browser:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A9928C83-6BEB-44AA-BB2E-AA2B9DC58BE4",
"versionEndExcluding": "11.6\\(1\\)",
"versionStartIncluding": "11.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple Cisco products are affected by a vulnerability in local file management for certain system log files of Cisco collaboration products that could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition. The vulnerability occurs because a certain system log file does not have a maximum size restriction. Therefore, the file is allowed to consume the majority of available disk space on the appliance. An attacker could exploit this vulnerability by sending crafted remote connection requests to the appliance. Successful exploitation could allow the attacker to increase the size of a system log file so that it consumes most of the disk space. The lack of available disk space could lead to a DoS condition in which the application functions could operate abnormally, making the appliance unstable. This vulnerability affects the following Cisco Voice Operating System (VOS)-based products: Emergency Responder, Finesse, Hosted Collaboration Mediation Fulfillment, MediaSense, Prime License Manager, SocialMiner, Unified Communications Manager (UCM), Unified Communications Manager IM and Presence Service (IM\u0026P - earlier releases were known as Cisco Unified Presence), Unified Communication Manager Session Management Edition (SME), Unified Contact Center Express (UCCx), Unified Intelligence Center (UIC), Unity Connection, Virtualized Voice Browser. This vulnerability also affects Prime Collaboration Assurance and Prime Collaboration Provisioning. Cisco Bug IDs: CSCvd10872, CSCvf64322, CSCvf64332, CSCvi29538, CSCvi29543, CSCvi29544, CSCvi29546, CSCvi29556, CSCvi29571, CSCvi31738, CSCvi31741, CSCvi31762, CSCvi31807, CSCvi31818, CSCvi31823."
},
{
"lang": "es",
"value": "M\u00faltiples productos Cisco se han visto afectados por una vulnerabilidad en la gesti\u00f3n de archivos locales para ciertos archivos de log del sistema de productos Cisco Collaboration que podr\u00edan permitir que un atacante remoto no autenticado provoque un gran uso del disco, lo que resulta en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad ocurre debido a que cierto archivo de registro del sistema no tiene una restricci\u00f3n de tama\u00f1o m\u00e1ximo. Por lo tanto, se permite que el archivo consuma la mayor\u00eda de espacio disponible en el dispositivo. Un atacante podr\u00eda explotar esta vulnerabilidad enviando peticiones de conexi\u00f3n remota manipuladas al dispositivo. La explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante aumente el tama\u00f1o de un archivo de log del sistema para que consuma casi todo el espacio del disco. La falta de espacio disponible en el disco podr\u00eda desembocar en una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en la que las funciones de la aplicaci\u00f3n podr\u00edan operar de forma err\u00f3nea, haciendo que la aplicaci\u00f3n sea inestable. Esta vulnerabilidad afecta a los siguientes productos basados en Cisco Voice Operating System (VOS): Emergency Responder, Finesse, Hosted Collaboration Mediation Fulfillment, MediaSense, Prime License Manager, SocialMiner, Unified Communications Manager (UCM), Unified Communications Manager IM and Presence Service (IMP - earlier releases were known as Cisco Unified Presence), Unified Communication Manager Session Management Edition (SME), Unified Contact Center Express (UCCx), Unified Intelligence Center (UIC), Unity Connection y Virtualized Voice Browser. Esta vulnerabilidad tambi\u00e9n afecta a Prime Collaboration Assurance y Prime Collaboration Provisioning. Cisco Bug IDs: CSCvd10872, CSCvf64322, CSCvf64332, CSCvi29538, CSCvi29543, CSCvi29544, CSCvi29546, CSCvi29556, CSCvi29571, CSCvi31738, CSCvi31741, CSCvi31762, CSCvi31807, CSCvi31818 y CSCvi31823."
}
],
"id": "CVE-2017-6779",
"lastModified": "2025-07-31T15:03:24.870",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-06-07T12:29:00.260",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-diskdos"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-diskdos"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2025-20278 (GCVE-0-2025-20278)
Vulnerability from cvelistv5 – Published: 2025-06-04 16:18 – Updated: 2025-06-06 03:55
VLAI?
Summary
A vulnerability in the CLI of multiple Cisco Unified Communications products could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user.
This vulnerability is due to improper validation of user-supplied command arguments. An attacker could exploit this vulnerability by executing crafted commands on the CLI of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user. To exploit this vulnerability, the attacker must have valid administrative credentials.
Severity ?
6 (Medium)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco Finesse |
Affected:
11.0(1)ES_Rollback
Affected: 10.5(1)ES4 Affected: 11.6(1)ES3 Affected: 11.0(1)ES2 Affected: 12.0(1)ES2 Affected: 10.5(1)ES3 Affected: 11.0(1) Affected: 11.6(1)FIPS Affected: 11.6(1)ES4 Affected: 11.0(1)ES3 Affected: 10.5(1)ES6 Affected: 11.0(1)ES7 Affected: 11.5(1)ES4 Affected: 10.5(1)ES8 Affected: 11.5(1) Affected: 11.6(1) Affected: 10.5(1)ES10 Affected: 11.6(1)ES2 Affected: 11.6(1)ES Affected: 11.0(1)ES6 Affected: 11.0(1)ES4 Affected: 12.0(1) Affected: 11.6(1)ES7 Affected: 10.5(1)ES7 Affected: 11.6(1)ES8 Affected: 11.5(1)ES1 Affected: 11.6(1)ES1 Affected: 11.5(1)ES5 Affected: 11.0(1)ES1 Affected: 10.5(1) Affected: 11.6(1)ES6 Affected: 10.5(1)ES2 Affected: 12.0(1)ES1 Affected: 11.0(1)ES5 Affected: 10.5(1)ES5 Affected: 11.5(1)ES3 Affected: 11.5(1)ES2 Affected: 10.5(1)ES9 Affected: 11.6(1)ES5 Affected: 11.6(1)ES9 Affected: 11.5(1)ES6 Affected: 10.5(1)ES1 Affected: 12.5(1) Affected: 12.0(1)ES3 Affected: 11.6(1)ES10 Affected: 12.5(1)ES1 Affected: 12.5(1)ES2 Affected: 12.0(1)ES4 Affected: 12.5(1)ES3 Affected: 12.0(1)ES5 Affected: 12.5(1)ES4 Affected: 12.0(1)ES6 Affected: 12.5(1)ES5 Affected: 12.5(1)ES6 Affected: 12.0(1)ES7 Affected: 12.6(1) Affected: 12.5(1)ES7 Affected: 11.6(1)ES11 Affected: 12.6(1)ES1 Affected: 12.0(1)ES8 Affected: 12.5(1)ES8 Affected: 12.6(1)ES2 Affected: 12.6(1)ES3 Affected: 12.6(1)ES4 Affected: 12.6(1)ES5 Affected: 12.5(2) Affected: 12.5(1)_SU Affected: 12.5(1)SU Affected: 12.6(1)ES6 Affected: 12.5(1)SU ES1 Affected: 12.6(1)ES7 Affected: 12.6(1)ES7_ET Affected: 12.6(2) Affected: 12.6(1)ES8 Affected: 12.6(1)ES9 Affected: 12.6(2)ES1 Affected: 12.6(1)ES10 Affected: 12.5(1)SU ES2 Affected: 12.6(1)ES11 Affected: 12.6(2)ES2 Affected: 12.6(2)ES3 Affected: 12.5(1)SU ES3 Affected: 12.6(2)ES4 Affected: 12.6(2)ES5 |
|||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20278",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-05T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-06T03:55:32.661Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Finesse",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "11.0(1)ES_Rollback"
},
{
"status": "affected",
"version": "10.5(1)ES4"
},
{
"status": "affected",
"version": "11.6(1)ES3"
},
{
"status": "affected",
"version": "11.0(1)ES2"
},
{
"status": "affected",
"version": "12.0(1)ES2"
},
{
"status": "affected",
"version": "10.5(1)ES3"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "11.6(1)FIPS"
},
{
"status": "affected",
"version": "11.6(1)ES4"
},
{
"status": "affected",
"version": "11.0(1)ES3"
},
{
"status": "affected",
"version": "10.5(1)ES6"
},
{
"status": "affected",
"version": "11.0(1)ES7"
},
{
"status": "affected",
"version": "11.5(1)ES4"
},
{
"status": "affected",
"version": "10.5(1)ES8"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.5(1)ES10"
},
{
"status": "affected",
"version": "11.6(1)ES2"
},
{
"status": "affected",
"version": "11.6(1)ES"
},
{
"status": "affected",
"version": "11.0(1)ES6"
},
{
"status": "affected",
"version": "11.0(1)ES4"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "11.6(1)ES7"
},
{
"status": "affected",
"version": "10.5(1)ES7"
},
{
"status": "affected",
"version": "11.6(1)ES8"
},
{
"status": "affected",
"version": "11.5(1)ES1"
},
{
"status": "affected",
"version": "11.6(1)ES1"
},
{
"status": "affected",
"version": "11.5(1)ES5"
},
{
"status": "affected",
"version": "11.0(1)ES1"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "11.6(1)ES6"
},
{
"status": "affected",
"version": "10.5(1)ES2"
},
{
"status": "affected",
"version": "12.0(1)ES1"
},
{
"status": "affected",
"version": "11.0(1)ES5"
},
{
"status": "affected",
"version": "10.5(1)ES5"
},
{
"status": "affected",
"version": "11.5(1)ES3"
},
{
"status": "affected",
"version": "11.5(1)ES2"
},
{
"status": "affected",
"version": "10.5(1)ES9"
},
{
"status": "affected",
"version": "11.6(1)ES5"
},
{
"status": "affected",
"version": "11.6(1)ES9"
},
{
"status": "affected",
"version": "11.5(1)ES6"
},
{
"status": "affected",
"version": "10.5(1)ES1"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.0(1)ES3"
},
{
"status": "affected",
"version": "11.6(1)ES10"
},
{
"status": "affected",
"version": "12.5(1)ES1"
},
{
"status": "affected",
"version": "12.5(1)ES2"
},
{
"status": "affected",
"version": "12.0(1)ES4"
},
{
"status": "affected",
"version": "12.5(1)ES3"
},
{
"status": "affected",
"version": "12.0(1)ES5"
},
{
"status": "affected",
"version": "12.5(1)ES4"
},
{
"status": "affected",
"version": "12.0(1)ES6"
},
{
"status": "affected",
"version": "12.5(1)ES5"
},
{
"status": "affected",
"version": "12.5(1)ES6"
},
{
"status": "affected",
"version": "12.0(1)ES7"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "12.5(1)ES7"
},
{
"status": "affected",
"version": "11.6(1)ES11"
},
{
"status": "affected",
"version": "12.6(1)ES1"
},
{
"status": "affected",
"version": "12.0(1)ES8"
},
{
"status": "affected",
"version": "12.5(1)ES8"
},
{
"status": "affected",
"version": "12.6(1)ES2"
},
{
"status": "affected",
"version": "12.6(1)ES3"
},
{
"status": "affected",
"version": "12.6(1)ES4"
},
{
"status": "affected",
"version": "12.6(1)ES5"
},
{
"status": "affected",
"version": "12.5(2)"
},
{
"status": "affected",
"version": "12.5(1)_SU"
},
{
"status": "affected",
"version": "12.5(1)SU"
},
{
"status": "affected",
"version": "12.6(1)ES6"
},
{
"status": "affected",
"version": "12.5(1)SU ES1"
},
{
"status": "affected",
"version": "12.6(1)ES7"
},
{
"status": "affected",
"version": "12.6(1)ES7_ET"
},
{
"status": "affected",
"version": "12.6(2)"
},
{
"status": "affected",
"version": "12.6(1)ES8"
},
{
"status": "affected",
"version": "12.6(1)ES9"
},
{
"status": "affected",
"version": "12.6(2)ES1"
},
{
"status": "affected",
"version": "12.6(1)ES10"
},
{
"status": "affected",
"version": "12.5(1)SU ES2"
},
{
"status": "affected",
"version": "12.6(1)ES11"
},
{
"status": "affected",
"version": "12.6(2)ES2"
},
{
"status": "affected",
"version": "12.6(2)ES3"
},
{
"status": "affected",
"version": "12.5(1)SU ES3"
},
{
"status": "affected",
"version": "12.6(2)ES4"
},
{
"status": "affected",
"version": "12.6(2)ES5"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco SocialMiner",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.5(1)ES01"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.6(1)"
},
{
"status": "affected",
"version": "12.0(1)ES04"
},
{
"status": "affected",
"version": "10.6(2)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.0(1)ES02"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "12.0(1)ES03"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unified Communications Manager",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)SU4"
},
{
"status": "affected",
"version": "14"
},
{
"status": "affected",
"version": "12.5(1)SU5"
},
{
"status": "affected",
"version": "14SU1"
},
{
"status": "affected",
"version": "12.5(1)SU6"
},
{
"status": "affected",
"version": "14SU2"
},
{
"status": "affected",
"version": "12.5(1)SU7"
},
{
"status": "affected",
"version": "12.5(1)SU7a"
},
{
"status": "affected",
"version": "14SU3"
},
{
"status": "affected",
"version": "12.5(1)SU8"
},
{
"status": "affected",
"version": "12.5(1)SU8a"
},
{
"status": "affected",
"version": "15"
},
{
"status": "affected",
"version": "15SU1"
},
{
"status": "affected",
"version": "14SU4"
},
{
"status": "affected",
"version": "14SU4a"
},
{
"status": "affected",
"version": "15SU1a"
},
{
"status": "affected",
"version": "12.5(1)SU9"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unified Communications Manager IM and Presence Service",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)SU4"
},
{
"status": "affected",
"version": "14"
},
{
"status": "affected",
"version": "12.5(1)SU5"
},
{
"status": "affected",
"version": "14SU1"
},
{
"status": "affected",
"version": "12.5(1)SU6"
},
{
"status": "affected",
"version": "14SU2"
},
{
"status": "affected",
"version": "14SU2a"
},
{
"status": "affected",
"version": "12.5(1)SU7"
},
{
"status": "affected",
"version": "14SU3"
},
{
"status": "affected",
"version": "12.5(1)SU8"
},
{
"status": "affected",
"version": "15"
},
{
"status": "affected",
"version": "Recovery ISO"
},
{
"status": "affected",
"version": "15SU1"
},
{
"status": "affected",
"version": "14SU4"
},
{
"status": "affected",
"version": "12.5(1)SU9"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unified Contact Center Express",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.6(1)"
},
{
"status": "affected",
"version": "10.5(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU3"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "10.0(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU1"
},
{
"status": "affected",
"version": "11.0(1)SU1"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES01"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES01"
},
{
"status": "affected",
"version": "11.6(2)ES07"
},
{
"status": "affected",
"version": "11.6(2)ES08"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES01"
},
{
"status": "affected",
"version": "12.0(1)ES04"
},
{
"status": "affected",
"version": "12.5(1)ES02"
},
{
"status": "affected",
"version": "12.5(1)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES06"
},
{
"status": "affected",
"version": "12.5(1)ES01"
},
{
"status": "affected",
"version": "12.0(1)ES03"
},
{
"status": "affected",
"version": "12.0(1)ES01"
},
{
"status": "affected",
"version": "11.6(2)ES05"
},
{
"status": "affected",
"version": "12.0(1)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES04"
},
{
"status": "affected",
"version": "11.6(2)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES03"
},
{
"status": "affected",
"version": "11.0(1)SU1ES03"
},
{
"status": "affected",
"version": "10.6(1)SU3ES01"
},
{
"status": "affected",
"version": "10.5(1)SU1ES10"
},
{
"status": "affected",
"version": "10.0(1)SU1ES04"
},
{
"status": "affected",
"version": "11.5(1)SU1ES03"
},
{
"status": "affected",
"version": "11.6(1)ES02"
},
{
"status": "affected",
"version": "11.5(1)ES01"
},
{
"status": "affected",
"version": "9.0(2)SU3ES04"
},
{
"status": "affected",
"version": "10.6(1)SU2"
},
{
"status": "affected",
"version": "10.6(1)SU2ES04"
},
{
"status": "affected",
"version": "11.6(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES01"
},
{
"status": "affected",
"version": "8.5(1)"
},
{
"status": "affected",
"version": "11.0(1)SU1ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES05"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES06"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unified Intelligence Center",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "11.0(2)"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "12.5(1)SU"
},
{
"status": "affected",
"version": "12.6(1)_ET"
},
{
"status": "affected",
"version": "12.6(1)_ES05_ET"
},
{
"status": "affected",
"version": "11.0(3)"
},
{
"status": "affected",
"version": "12.6(2)"
},
{
"status": "affected",
"version": "12.6(2)_504_Issue_ET"
},
{
"status": "affected",
"version": "12.6.1_ExcelIssue_ET"
},
{
"status": "affected",
"version": "12.6(2)_Permalink_ET"
},
{
"status": "affected",
"version": "12.6.2_CSCwk19536_ET"
},
{
"status": "affected",
"version": "12.6.2_CSCwm96922_ET"
},
{
"status": "affected",
"version": "12.6.2_Amq_OOS_ET"
},
{
"status": "affected",
"version": "12.5(2)ET_CSCwi79933"
},
{
"status": "affected",
"version": "12.6(2)_ET"
},
{
"status": "affected",
"version": "12.6.2_CSCwn48501_ET"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unity Connection",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)SU4"
},
{
"status": "affected",
"version": "14"
},
{
"status": "affected",
"version": "12.5(1)SU5"
},
{
"status": "affected",
"version": "14SU1"
},
{
"status": "affected",
"version": "12.5(1)SU6"
},
{
"status": "affected",
"version": "14SU2"
},
{
"status": "affected",
"version": "12.5(1)SU7"
},
{
"status": "affected",
"version": "14SU3"
},
{
"status": "affected",
"version": "12.5(1)SU8"
},
{
"status": "affected",
"version": "14SU3a"
},
{
"status": "affected",
"version": "12.5(1)SU8a"
},
{
"status": "affected",
"version": "15"
},
{
"status": "affected",
"version": "15SU1"
},
{
"status": "affected",
"version": "14SU4"
},
{
"status": "affected",
"version": "12.5(1)SU9"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Virtualized Voice Browser",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "11.6(1)_ES84"
},
{
"status": "affected",
"version": "11.5(1)_ES54"
},
{
"status": "affected",
"version": "11.5(1)_ES27"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "11.5(1)ES36"
},
{
"status": "affected",
"version": "12.0(1)_ES01"
},
{
"status": "affected",
"version": "11.6(1)_ES85"
},
{
"status": "affected",
"version": "12.5(1)_ES05"
},
{
"status": "affected",
"version": "11.5(1)_ES32"
},
{
"status": "affected",
"version": "11.6(1)_ES83"
},
{
"status": "affected",
"version": "11.5(1)_ES29"
},
{
"status": "affected",
"version": "12.0(1)_ES06"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.0(1)_ES07"
},
{
"status": "affected",
"version": "11.6(1)_ES80"
},
{
"status": "affected",
"version": "12.0(1)_ES05"
},
{
"status": "affected",
"version": "11.5(1)_ES36"
},
{
"status": "affected",
"version": "11.5(1)_ES53"
},
{
"status": "affected",
"version": "12.5(1)_ES08"
},
{
"status": "affected",
"version": "11.5(1)ES43"
},
{
"status": "affected",
"version": "12.0(1)_ES03"
},
{
"status": "affected",
"version": "11.6(1)_ES86"
},
{
"status": "affected",
"version": "12.0(1)_ES04"
},
{
"status": "affected",
"version": "11.5(1)ES27"
},
{
"status": "affected",
"version": "12.5(1)_ES03"
},
{
"status": "affected",
"version": "11.6(1)_ES88"
},
{
"status": "affected",
"version": "12.5(1)_ES06"
},
{
"status": "affected",
"version": "11.6(1)_ES82"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "11.5(1)ES29"
},
{
"status": "affected",
"version": "12.5(1)_ES04"
},
{
"status": "affected",
"version": "12.5(1)_ES07"
},
{
"status": "affected",
"version": "11.6(1)_ES87"
},
{
"status": "affected",
"version": "11.6(1)_ES81"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "11.6(1)_ES22"
},
{
"status": "affected",
"version": "11.5(1)_ES43"
},
{
"status": "affected",
"version": "11.5(1)ES32"
},
{
"status": "affected",
"version": "12.0(1)_ES02"
},
{
"status": "affected",
"version": "12.5(1)_ES02"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "12.5(1)_ES09"
},
{
"status": "affected",
"version": "12.6(1)_ES01"
},
{
"status": "affected",
"version": "12.0(1)_ES08"
},
{
"status": "affected",
"version": "12.5(1)_ES10"
},
{
"status": "affected",
"version": "12.6(1)_ES02"
},
{
"status": "affected",
"version": "12.5(1)_ES11"
},
{
"status": "affected",
"version": "12.5(1)_ES12"
},
{
"status": "affected",
"version": "12.6(1)_ES03"
},
{
"status": "affected",
"version": "12.5(1)_ES13"
},
{
"status": "affected",
"version": "12.5(1)_ES14"
},
{
"status": "affected",
"version": "12.6(1)_ES04"
},
{
"status": "affected",
"version": "12.6(1)_ES05"
},
{
"status": "affected",
"version": "12.5(1)_ES15"
},
{
"status": "affected",
"version": "12.6(1)_ES06"
},
{
"status": "affected",
"version": "12.6(1)_ET"
},
{
"status": "affected",
"version": "12.5(1)_ES16"
},
{
"status": "affected",
"version": "12.5(1)SU"
},
{
"status": "affected",
"version": "12.5(1)_SU"
},
{
"status": "affected",
"version": "12.5(1)_SU_ES01"
},
{
"status": "affected",
"version": "12.6(1)_ES07"
},
{
"status": "affected",
"version": "12.6(2)"
},
{
"status": "affected",
"version": "12.5(1)_ES17"
},
{
"status": "affected",
"version": "12.6(1)_ES08"
},
{
"status": "affected",
"version": "12.6(1)_ES09"
},
{
"status": "affected",
"version": "12.6(1)_ES10"
},
{
"status": "affected",
"version": "12.5(1)_SU_ES02"
},
{
"status": "affected",
"version": "12.6(2)_ES01"
},
{
"status": "affected",
"version": "12.6(2)_ET01"
},
{
"status": "affected",
"version": "12.5(2)_ET"
},
{
"status": "affected",
"version": "12.6(2)_ES02"
},
{
"status": "affected",
"version": "12.6(2)_ET_Streaming"
},
{
"status": "affected",
"version": "12.6(2)ET_Transcribe"
},
{
"status": "affected",
"version": "12.6(2)_ES03"
},
{
"status": "affected",
"version": "12.6(2)ET_NuanceMix"
},
{
"status": "affected",
"version": "12.6(2)ET_FileUpload"
},
{
"status": "affected",
"version": "12.6(2)_ET02"
},
{
"status": "affected",
"version": "12.6(2)_ES04"
},
{
"status": "affected",
"version": "12.6.2ET_RTPfallback"
},
{
"status": "affected",
"version": "12.6.2ET_CSCwf55306"
},
{
"status": "affected",
"version": "12.6.2_ET_CSCwj36712"
},
{
"status": "affected",
"version": "12.5.2 ET-CSCwj33374"
},
{
"status": "affected",
"version": "12.5(1) SU ET"
},
{
"status": "affected",
"version": "12.6(2)ET_CSCwj87296"
},
{
"status": "affected",
"version": "12.6(2)_ES05"
},
{
"status": "affected",
"version": "12.5.2_ET_CSCvz27014"
},
{
"status": "affected",
"version": "12.6(2)_ET"
},
{
"status": "affected",
"version": "12.6.2-ET"
},
{
"status": "affected",
"version": "12.6(2)ET_CSCwk83135"
},
{
"status": "affected",
"version": "12.6.2_ET_CX_ALAW"
},
{
"status": "affected",
"version": "12.6.2-ET01-SSL"
},
{
"status": "affected",
"version": "12.6(2)_ES06"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of multiple Cisco Unified Communications products could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user.\r\n\r\nThis vulnerability is due to improper validation of user-supplied command arguments. An attacker could exploit this vulnerability by executing crafted commands on the CLI of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user. To exploit this vulnerability, the attacker must have valid administrative credentials."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-04T16:18:20.661Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-vos-command-inject-65s2UCYy",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vos-command-inject-65s2UCYy"
}
],
"source": {
"advisory": "cisco-sa-vos-command-inject-65s2UCYy",
"defects": [
"CSCwk24029"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Unified Communications Products Command Injection Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20278",
"datePublished": "2025-06-04T16:18:20.661Z",
"dateReserved": "2024-10-10T19:15:13.246Z",
"dateUpdated": "2025-06-06T03:55:32.661Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20253 (GCVE-0-2024-20253)
Vulnerability from cvelistv5 – Published: 2024-01-26 17:28 – Updated: 2025-05-29 15:12
VLAI?
Summary
A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to the improper processing of user-provided data that is being read into memory. An attacker could exploit this vulnerability by sending a crafted message to a listening port of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of the web services user. With access to the underlying operating system, the attacker could also establish root access on the affected device.
Severity ?
9.9 (Critical)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco Unified Contact Center Enterprise |
Affected:
N/A
|
|||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:52:31.560Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-cucm-rce-bWNzQcUm",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-rce-bWNzQcUm"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20253",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T15:42:43.844502Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-29T15:12:21.257Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Unified Contact Center Enterprise",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"product": "Cisco Unity Connection",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.0(1)SU1"
},
{
"status": "affected",
"version": "12.0(1)SU2"
},
{
"status": "affected",
"version": "12.0(1)SU3"
},
{
"status": "affected",
"version": "12.0(1)SU4"
},
{
"status": "affected",
"version": "12.0(1)SU5"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)SU4"
},
{
"status": "affected",
"version": "12.5(1)SU5"
},
{
"status": "affected",
"version": "12.5(1)SU6"
},
{
"status": "affected",
"version": "12.5(1)SU7"
},
{
"status": "affected",
"version": "14"
},
{
"status": "affected",
"version": "14SU1"
},
{
"status": "affected",
"version": "14SU2"
}
]
},
{
"product": "Cisco Unified Communications Manager",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.0(1)SU1"
},
{
"status": "affected",
"version": "12.0(1)SU2"
},
{
"status": "affected",
"version": "12.0(1)SU3"
},
{
"status": "affected",
"version": "12.0(1)SU4"
},
{
"status": "affected",
"version": "12.0(1)SU5"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)SU4"
},
{
"status": "affected",
"version": "12.5(1)SU5"
},
{
"status": "affected",
"version": "12.5(1)SU6"
},
{
"status": "affected",
"version": "12.5(1)SU7"
},
{
"status": "affected",
"version": "12.5(1)SU7a"
},
{
"status": "affected",
"version": "14"
},
{
"status": "affected",
"version": "14SU1"
},
{
"status": "affected",
"version": "14SU2"
}
]
},
{
"product": "Cisco Unified Contact Center Express",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "8.5(1)"
},
{
"status": "affected",
"version": "9.0(2)SU3ES04"
},
{
"status": "affected",
"version": "10.0(1)SU1"
},
{
"status": "affected",
"version": "10.0(1)SU1ES04"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "10.5(1)SU1"
},
{
"status": "affected",
"version": "10.5(1)SU1ES10"
},
{
"status": "affected",
"version": "10.6(1)"
},
{
"status": "affected",
"version": "10.6(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU3"
},
{
"status": "affected",
"version": "10.6(1)SU2"
},
{
"status": "affected",
"version": "10.6(1)SU3ES03"
},
{
"status": "affected",
"version": "10.6(1)SU2ES04"
},
{
"status": "affected",
"version": "10.6(1)SU3ES02"
},
{
"status": "affected",
"version": "10.6(1)SU3ES01"
},
{
"status": "affected",
"version": "11.0(1)SU1"
},
{
"status": "affected",
"version": "11.0(1)SU1ES03"
},
{
"status": "affected",
"version": "11.0(1)SU1ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "11.5(1)SU1ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES01"
},
{
"status": "affected",
"version": "11.5(1)SU1ES03"
},
{
"status": "affected",
"version": "11.5(1)ES01"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.0(1)ES01"
},
{
"status": "affected",
"version": "12.0(1)ES03"
},
{
"status": "affected",
"version": "12.0(1)ES04"
},
{
"status": "affected",
"version": "12.0(1)ES02"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES03"
},
{
"status": "affected",
"version": "12.5(1)ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES01"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES03"
},
{
"status": "affected",
"version": "12.5(1)ES01"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES01"
},
{
"status": "affected",
"version": "12.5(1)ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES01"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES04"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "11.6(1)ES01"
},
{
"status": "affected",
"version": "11.6(2)ES06"
},
{
"status": "affected",
"version": "11.6(1)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES01"
},
{
"status": "affected",
"version": "11.6(2)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES07"
},
{
"status": "affected",
"version": "11.6(2)ES08"
},
{
"status": "affected",
"version": "11.6(2)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES05"
},
{
"status": "affected",
"version": "11.6(2)ES04"
}
]
},
{
"product": "Cisco Unified Communications Manager IM and Presence Service",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "10.5(2)"
},
{
"status": "affected",
"version": "10.5(2a)"
},
{
"status": "affected",
"version": "10.5(2b)"
},
{
"status": "affected",
"version": "10.5(2)SU3"
},
{
"status": "affected",
"version": "10.5(2)SU2a"
},
{
"status": "affected",
"version": "10.5(2)SU4a"
},
{
"status": "affected",
"version": "10.5(2)SU4"
},
{
"status": "affected",
"version": "10.5(1)SU3"
},
{
"status": "affected",
"version": "10.5(1)SU1"
},
{
"status": "affected",
"version": "10.5(2)SU1"
},
{
"status": "affected",
"version": "10.5(2)SU2"
},
{
"status": "affected",
"version": "10.5(1)SU2"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "11.5(1)SU2"
},
{
"status": "affected",
"version": "11.5(1)SU3"
},
{
"status": "affected",
"version": "11.5(1)SU3a"
},
{
"status": "affected",
"version": "11.5(1)SU4"
},
{
"status": "affected",
"version": "11.5(1)SU5"
},
{
"status": "affected",
"version": "11.5(1)SU5a"
},
{
"status": "affected",
"version": "11.5(1)SU6"
},
{
"status": "affected",
"version": "11.5(1)SU7"
},
{
"status": "affected",
"version": "11.5(1)SU8"
},
{
"status": "affected",
"version": "11.5(1)SU9"
},
{
"status": "affected",
"version": "11.5(1)SU10"
},
{
"status": "affected",
"version": "11.5(1)SU11"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "11.0(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)SU4"
},
{
"status": "affected",
"version": "12.5(1)SU5"
},
{
"status": "affected",
"version": "12.5(1)SU6"
},
{
"status": "affected",
"version": "12.5(1)SU7"
},
{
"status": "affected",
"version": "14"
},
{
"status": "affected",
"version": "14SU1"
},
{
"status": "affected",
"version": "14SU2"
},
{
"status": "affected",
"version": "14SU2a"
},
{
"status": "affected",
"version": "10.0(1)"
},
{
"status": "affected",
"version": "10.0(1)SU1"
},
{
"status": "affected",
"version": "10.0(1)SU2"
}
]
},
{
"product": "Cisco Virtualized Voice Browser",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "11.5(1)ES29"
},
{
"status": "affected",
"version": "11.5(1)ES32"
},
{
"status": "affected",
"version": "11.5(1)_ES43"
},
{
"status": "affected",
"version": "11.5(1)_ES54"
},
{
"status": "affected",
"version": "11.5(1)_ES27"
},
{
"status": "affected",
"version": "11.5(1)ES36"
},
{
"status": "affected",
"version": "11.5(1)_ES32"
},
{
"status": "affected",
"version": "11.5(1)_ES29"
},
{
"status": "affected",
"version": "11.5(1)_ES36"
},
{
"status": "affected",
"version": "11.5(1)ES43"
},
{
"status": "affected",
"version": "11.5(1)_ES53"
},
{
"status": "affected",
"version": "11.5(1)ES27"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "11.6(1)_ES82"
},
{
"status": "affected",
"version": "11.6(1)_ES22"
},
{
"status": "affected",
"version": "11.6(1)_ES81"
},
{
"status": "affected",
"version": "11.6(1)_ES87"
},
{
"status": "affected",
"version": "11.6(1)_ES84"
},
{
"status": "affected",
"version": "11.6(1)_ES85"
},
{
"status": "affected",
"version": "11.6(1)_ES83"
},
{
"status": "affected",
"version": "11.6(1)_ES80"
},
{
"status": "affected",
"version": "11.6(1)_ES86"
},
{
"status": "affected",
"version": "11.6(1)_ES88"
},
{
"status": "affected",
"version": "12.5(1)_ES04"
},
{
"status": "affected",
"version": "12.5(1)_ES07"
},
{
"status": "affected",
"version": "12.5(1)_ES02"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)_ES08"
},
{
"status": "affected",
"version": "12.5(1)_ES03"
},
{
"status": "affected",
"version": "12.5(1)_ES06"
},
{
"status": "affected",
"version": "12.5(1)_ES09"
},
{
"status": "affected",
"version": "12.5(1)_ES14"
},
{
"status": "affected",
"version": "12.5(1)SU"
},
{
"status": "affected",
"version": "12.5(1)_ES15"
},
{
"status": "affected",
"version": "12.5(1)_SU"
},
{
"status": "affected",
"version": "12.5(1)_SU_ES01"
},
{
"status": "affected",
"version": "12.5(1)_ES11"
},
{
"status": "affected",
"version": "12.5(1)_ES12"
},
{
"status": "affected",
"version": "12.5(2)_ET"
},
{
"status": "affected",
"version": "12.5(1)_SU_ES02"
},
{
"status": "affected",
"version": "12.5(1)_ES10"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.0(1)_ES02"
},
{
"status": "affected",
"version": "12.0(1)_ES01"
},
{
"status": "affected",
"version": "12.0(1)_ES06"
},
{
"status": "affected",
"version": "12.0(1)_ES07"
},
{
"status": "affected",
"version": "12.0(1)_ES05"
},
{
"status": "affected",
"version": "12.0(1)_ES04"
},
{
"status": "affected",
"version": "12.0(1)_ES03"
},
{
"status": "affected",
"version": "12.0(1)_ES08"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "12.6(1)_ES04"
},
{
"status": "affected",
"version": "12.6(1)_ES03"
},
{
"status": "affected",
"version": "12.6(1)_ES09"
},
{
"status": "affected",
"version": "12.6(1)_ES06"
},
{
"status": "affected",
"version": "12.6(1)_ES08"
},
{
"status": "affected",
"version": "12.6(1)_ES05"
},
{
"status": "affected",
"version": "12.6(2)_ES03"
},
{
"status": "affected",
"version": "12.6(1)_ES02"
},
{
"status": "affected",
"version": "12.6(1)_ES01"
},
{
"status": "affected",
"version": "12.6(2)"
},
{
"status": "affected",
"version": "12.6(2)_ET01"
},
{
"status": "affected",
"version": "12.6(2)_ES02"
},
{
"status": "affected",
"version": "12.6(2)_ES01"
},
{
"status": "affected",
"version": "12.6(1)_ES07"
}
]
},
{
"product": "Cisco Packaged Contact Center Enterprise",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "10.5(2)"
},
{
"status": "affected",
"version": "10.5(1)_ES7"
},
{
"status": "affected",
"version": "10.5(2)_ES8"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "11.0(2)"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(2)"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "12.6(2)"
}
]
},
{
"product": "Cisco Unified Communications Manager / Cisco Unity Connection",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.5(2)SU10"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "10.5(1)SU1"
},
{
"status": "affected",
"version": "10.5(1)SU1a"
},
{
"status": "affected",
"version": "10.5(2)"
},
{
"status": "affected",
"version": "10.5(2)SU1"
},
{
"status": "affected",
"version": "10.5(2)SU2"
},
{
"status": "affected",
"version": "10.5(2)SU3"
},
{
"status": "affected",
"version": "10.5(2)SU4"
},
{
"status": "affected",
"version": "10.5(2)SU5"
},
{
"status": "affected",
"version": "10.5(2)SU6"
},
{
"status": "affected",
"version": "10.5(2)SU7"
},
{
"status": "affected",
"version": "10.5(2)SU8"
},
{
"status": "affected",
"version": "10.5(2)SU9"
},
{
"status": "affected",
"version": "10.5(2)SU2a"
},
{
"status": "affected",
"version": "10.5(2)SU3a"
},
{
"status": "affected",
"version": "10.5(2)SU4a"
},
{
"status": "affected",
"version": "10.5(2)SU6a"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "11.0(1a)"
},
{
"status": "affected",
"version": "11.0(1a)SU1"
},
{
"status": "affected",
"version": "11.0(1a)SU2"
},
{
"status": "affected",
"version": "11.0(1a)SU3"
},
{
"status": "affected",
"version": "11.0(1a)SU3a"
},
{
"status": "affected",
"version": "11.0(1a)SU4"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.0.2"
},
{
"status": "affected",
"version": "11.0.5"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "11.5(1)SU2"
},
{
"status": "affected",
"version": "11.5(1)SU3"
},
{
"status": "affected",
"version": "11.5(1)SU3a"
},
{
"status": "affected",
"version": "11.5(1)SU3b"
},
{
"status": "affected",
"version": "11.5(1)SU4"
},
{
"status": "affected",
"version": "11.5(1)SU5"
},
{
"status": "affected",
"version": "11.5(1)SU6"
},
{
"status": "affected",
"version": "11.5(1)SU7"
},
{
"status": "affected",
"version": "11.5(1)SU8"
},
{
"status": "affected",
"version": "11.5(1)SU9"
},
{
"status": "affected",
"version": "11.5(1)SU10"
},
{
"status": "affected",
"version": "11.5(1)SU11"
},
{
"status": "affected",
"version": "10.0(1)SU2"
},
{
"status": "affected",
"version": "10.0(1)"
},
{
"status": "affected",
"version": "10.0(1)SU1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to the improper processing of user-provided data that is being read into memory. An attacker could exploit this vulnerability by sending a crafted message to a listening port of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of the web services user. With access to the underlying operating system, the attacker could also establish root access on the affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "Deserialization of Untrusted Data",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-02T15:42:33.881Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-cucm-rce-bWNzQcUm",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-rce-bWNzQcUm"
}
],
"source": {
"advisory": "cisco-sa-cucm-rce-bWNzQcUm",
"defects": [
"CSCwe18830",
"CSCwe18773",
"CSCwe18840",
"CSCwd64292",
"CSCwd64245",
"CSCwd64276"
],
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20253",
"datePublished": "2024-01-26T17:28:30.761Z",
"dateReserved": "2023-11-08T15:08:07.622Z",
"dateUpdated": "2025-05-29T15:12:21.257Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-44228 (GCVE-0-2021-44228)
Vulnerability from cvelistv5 – Published: 2021-12-10 00:00 – Updated: 2025-10-21 23:25
VLAI?
Summary
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.
Severity ?
No CVSS data available.
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Log4j2 |
Affected:
2.0-beta9 , < log4j-core*
(custom)
|
Credits
This issue was discovered by Chen Zhaojun of Alibaba Cloud Security Team.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:17:24.696Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"name": "[oss-security] 20211210 CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/10/1"
},
{
"name": "[oss-security] 20211210 Re: CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/10/2"
},
{
"name": "20211210 Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
},
{
"name": "[oss-security] 20211210 Re: CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/10/3"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20211210-0007/"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/alert-cve-2021-44228.html"
},
{
"name": "DSA-5020",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2021/dsa-5020"
},
{
"name": "[debian-lts-announce] 20211212 [SECURITY] [DLA 2842-1] apache-log4j2 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00007.html"
},
{
"name": "FEDORA-2021-f0f501d01f",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU57UJDCFIASIO35GC55JMKSRXJMCDFM/"
},
{
"name": "Microsoft\u2019s Response to CVE-2021-44228 Apache Log4j 2",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/"
},
{
"name": "[oss-security] 20211213 Re: CVE-2021-4104: Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/13/2"
},
{
"name": "[oss-security] 20211213 CVE-2021-4104: Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/13/1"
},
{
"name": "[oss-security] 20211214 CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/14/4"
},
{
"name": "20211210 A Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
},
{
"name": "VU#930724",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/930724"
},
{
"tags": [
"x_transferred"
],
"url": "https://twitter.com/kurtseifried/status/1469345530182455296"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0028.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Code-Execution.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Information-Disclosure.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html"
},
{
"name": "20211210 Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
},
{
"name": "[oss-security] 20211215 Re: CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/15/3"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Word-Bypassing.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf"
},
{
"name": "FEDORA-2021-66d6c484f3",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB/"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0028.4.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Injection.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/cisagov/log4j-affected-db/blob/develop/SOFTWARE-LIST.md"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthenticated-Log4Shell-JNDI-Injection-Remote-Code-Execution.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html"
},
{
"name": "20220314 APPLE-SA-2022-03-14-7 Xcode 13.3",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/Mar/23"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0001"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/cisagov/log4j-affected-db"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT213189"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44228"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.nu11secur1ty.com/2021/12/cve-2021-44228.html"
},
{
"name": "20220721 Open-Xchange Security Advisory 2022-07-21",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/Jul/11"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7.10.x-Cross-Site-Scripting-Command-Injection.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/167917/MobileIron-Log4Shell-Remote-Command-Execution.html"
},
{
"name": "20221208 Intel Data Center Manager \u003c= 5.1 Local Privileges Escalation",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/Dec/2"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/171626/AD-Manager-Plus-7122-Remote-Code-Execution.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2021-44228",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T14:25:34.416117Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2021-12-10",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-44228"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:25:23.121Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-44228"
}
],
"timeline": [
{
"lang": "en",
"time": "2021-12-10T00:00:00+00:00",
"value": "CVE-2021-44228 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Apache Log4j2",
"vendor": "Apache Software Foundation",
"versions": [
{
"changes": [
{
"at": "2.3.1",
"status": "unaffected"
},
{
"at": "2.4",
"status": "affected"
},
{
"at": "2.12.2",
"status": "unaffected"
},
{
"at": "2.13.0",
"status": "affected"
},
{
"at": "2.15.0",
"status": "unaffected"
}
],
"lessThan": "log4j-core*",
"status": "affected",
"version": "2.0-beta9",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "This issue was discovered by Chen Zhaojun of Alibaba Cloud Security Team."
}
],
"descriptions": [
{
"lang": "en",
"value": "Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects."
}
],
"metrics": [
{
"other": {
"content": {
"other": "critical"
},
"type": "unknown"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-03T00:00:00.000Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"name": "[oss-security] 20211210 CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/10/1"
},
{
"name": "[oss-security] 20211210 Re: CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/10/2"
},
{
"name": "20211210 Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021",
"tags": [
"vendor-advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
},
{
"name": "[oss-security] 20211210 Re: CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/10/3"
},
{
"url": "https://security.netapp.com/advisory/ntap-20211210-0007/"
},
{
"url": "http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html"
},
{
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032"
},
{
"url": "https://www.oracle.com/security-alerts/alert-cve-2021-44228.html"
},
{
"name": "DSA-5020",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2021/dsa-5020"
},
{
"name": "[debian-lts-announce] 20211212 [SECURITY] [DLA 2842-1] apache-log4j2 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00007.html"
},
{
"name": "FEDORA-2021-f0f501d01f",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU57UJDCFIASIO35GC55JMKSRXJMCDFM/"
},
{
"name": "Microsoft\u2019s Response to CVE-2021-44228 Apache Log4j 2",
"tags": [
"vendor-advisory"
],
"url": "https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/"
},
{
"name": "[oss-security] 20211213 Re: CVE-2021-4104: Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/13/2"
},
{
"name": "[oss-security] 20211213 CVE-2021-4104: Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/13/1"
},
{
"name": "[oss-security] 20211214 CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/14/4"
},
{
"name": "20211210 A Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021",
"tags": [
"vendor-advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
},
{
"name": "VU#930724",
"tags": [
"third-party-advisory"
],
"url": "https://www.kb.cert.org/vuls/id/930724"
},
{
"url": "https://twitter.com/kurtseifried/status/1469345530182455296"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf"
},
{
"url": "http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0028.html"
},
{
"url": "http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Code-Execution.html"
},
{
"url": "http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Information-Disclosure.html"
},
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html"
},
{
"name": "20211210 Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021",
"tags": [
"vendor-advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
},
{
"name": "[oss-security] 20211215 Re: CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/15/3"
},
{
"url": "http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html"
},
{
"url": "http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html"
},
{
"url": "http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Word-Bypassing.html"
},
{
"url": "http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html"
},
{
"url": "http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf"
},
{
"name": "FEDORA-2021-66d6c484f3",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB/"
},
{
"url": "http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0028.4.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf"
},
{
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"url": "http://packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Injection.html"
},
{
"url": "https://github.com/cisagov/log4j-affected-db/blob/develop/SOFTWARE-LIST.md"
},
{
"url": "http://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthenticated-Log4Shell-JNDI-Injection-Remote-Code-Execution.html"
},
{
"url": "http://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html"
},
{
"name": "20220314 APPLE-SA-2022-03-14-7 Xcode 13.3",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2022/Mar/23"
},
{
"url": "https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0001"
},
{
"url": "https://github.com/cisagov/log4j-affected-db"
},
{
"url": "https://support.apple.com/kb/HT213189"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"url": "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44228"
},
{
"url": "https://www.nu11secur1ty.com/2021/12/cve-2021-44228.html"
},
{
"name": "20220721 Open-Xchange Security Advisory 2022-07-21",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2022/Jul/11"
},
{
"url": "http://packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7.10.x-Cross-Site-Scripting-Command-Injection.html"
},
{
"url": "http://packetstormsecurity.com/files/167917/MobileIron-Log4Shell-Remote-Command-Execution.html"
},
{
"name": "20221208 Intel Data Center Manager \u003c= 5.1 Local Privileges Escalation",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2022/Dec/2"
},
{
"url": "http://packetstormsecurity.com/files/171626/AD-Manager-Plus-7122-Remote-Code-Execution.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints",
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2021-44228",
"datePublished": "2021-12-10T00:00:00.000Z",
"dateReserved": "2021-11-26T00:00:00.000Z",
"dateUpdated": "2025-10-21T23:25:23.121Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-1575 (GCVE-0-2021-1575)
Vulnerability from cvelistv5 – Published: 2021-07-08 18:30 – Updated: 2024-11-07 22:07
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco Virtualized Voice Browser could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
Severity ?
6.1 (Medium)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Virtualized Voice Browser |
Affected:
n/a
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:18:10.282Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210707 Cisco Virtualized Voice Browser Cross-Site Scripting Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vvb-xss-wG4zXRp3"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1575",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:41:28.920055Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T22:07:36.525Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Virtualized Voice Browser",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-07-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Virtualized Voice Browser could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-08T18:30:18",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210707 Cisco Virtualized Voice Browser Cross-Site Scripting Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vvb-xss-wG4zXRp3"
}
],
"source": {
"advisory": "cisco-sa-vvb-xss-wG4zXRp3",
"defect": [
[
"CSCvx89188"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Virtualized Voice Browser Cross-Site Scripting Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-07-07T16:00:00",
"ID": "CVE-2021-1575",
"STATE": "PUBLIC",
"TITLE": "Cisco Virtualized Voice Browser Cross-Site Scripting Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Virtualized Voice Browser",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web-based management interface of Cisco Virtualized Voice Browser could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210707 Cisco Virtualized Voice Browser Cross-Site Scripting Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vvb-xss-wG4zXRp3"
}
]
},
"source": {
"advisory": "cisco-sa-vvb-xss-wG4zXRp3",
"defect": [
[
"CSCvx89188"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1575",
"datePublished": "2021-07-08T18:30:18.612729Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-07T22:07:36.525Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-6779 (GCVE-0-2017-6779)
Vulnerability from cvelistv5 – Published: 2018-06-07 12:00 – Updated: 2024-11-29 15:07
VLAI?
Summary
Multiple Cisco products are affected by a vulnerability in local file management for certain system log files of Cisco collaboration products that could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition. The vulnerability occurs because a certain system log file does not have a maximum size restriction. Therefore, the file is allowed to consume the majority of available disk space on the appliance. An attacker could exploit this vulnerability by sending crafted remote connection requests to the appliance. Successful exploitation could allow the attacker to increase the size of a system log file so that it consumes most of the disk space. The lack of available disk space could lead to a DoS condition in which the application functions could operate abnormally, making the appliance unstable. This vulnerability affects the following Cisco Voice Operating System (VOS)-based products: Emergency Responder, Finesse, Hosted Collaboration Mediation Fulfillment, MediaSense, Prime License Manager, SocialMiner, Unified Communications Manager (UCM), Unified Communications Manager IM and Presence Service (IM&P - earlier releases were known as Cisco Unified Presence), Unified Communication Manager Session Management Edition (SME), Unified Contact Center Express (UCCx), Unified Intelligence Center (UIC), Unity Connection, Virtualized Voice Browser. This vulnerability also affects Prime Collaboration Assurance and Prime Collaboration Provisioning. Cisco Bug IDs: CSCvd10872, CSCvf64322, CSCvf64332, CSCvi29538, CSCvi29543, CSCvi29544, CSCvi29546, CSCvi29556, CSCvi29571, CSCvi31738, CSCvi31741, CSCvi31762, CSCvi31807, CSCvi31818, CSCvi31823.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Multiple Cisco Products unknown |
Affected:
Multiple Cisco Products unknown
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:41:17.143Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-diskdos"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-6779",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-29T14:43:53.428544Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-29T15:07:21.731Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Multiple Cisco Products unknown",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Multiple Cisco Products unknown"
}
]
}
],
"datePublic": "2018-06-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple Cisco products are affected by a vulnerability in local file management for certain system log files of Cisco collaboration products that could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition. The vulnerability occurs because a certain system log file does not have a maximum size restriction. Therefore, the file is allowed to consume the majority of available disk space on the appliance. An attacker could exploit this vulnerability by sending crafted remote connection requests to the appliance. Successful exploitation could allow the attacker to increase the size of a system log file so that it consumes most of the disk space. The lack of available disk space could lead to a DoS condition in which the application functions could operate abnormally, making the appliance unstable. This vulnerability affects the following Cisco Voice Operating System (VOS)-based products: Emergency Responder, Finesse, Hosted Collaboration Mediation Fulfillment, MediaSense, Prime License Manager, SocialMiner, Unified Communications Manager (UCM), Unified Communications Manager IM and Presence Service (IM\u0026P - earlier releases were known as Cisco Unified Presence), Unified Communication Manager Session Management Edition (SME), Unified Contact Center Express (UCCx), Unified Intelligence Center (UIC), Unity Connection, Virtualized Voice Browser. This vulnerability also affects Prime Collaboration Assurance and Prime Collaboration Provisioning. Cisco Bug IDs: CSCvd10872, CSCvf64322, CSCvf64332, CSCvi29538, CSCvi29543, CSCvi29544, CSCvi29546, CSCvi29556, CSCvi29571, CSCvi31738, CSCvi31741, CSCvi31762, CSCvi31807, CSCvi31818, CSCvi31823."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-399",
"description": "CWE-399",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-07T11:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-diskdos"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2017-6779",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Multiple Cisco Products unknown",
"version": {
"version_data": [
{
"version_value": "Multiple Cisco Products unknown"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple Cisco products are affected by a vulnerability in local file management for certain system log files of Cisco collaboration products that could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition. The vulnerability occurs because a certain system log file does not have a maximum size restriction. Therefore, the file is allowed to consume the majority of available disk space on the appliance. An attacker could exploit this vulnerability by sending crafted remote connection requests to the appliance. Successful exploitation could allow the attacker to increase the size of a system log file so that it consumes most of the disk space. The lack of available disk space could lead to a DoS condition in which the application functions could operate abnormally, making the appliance unstable. This vulnerability affects the following Cisco Voice Operating System (VOS)-based products: Emergency Responder, Finesse, Hosted Collaboration Mediation Fulfillment, MediaSense, Prime License Manager, SocialMiner, Unified Communications Manager (UCM), Unified Communications Manager IM and Presence Service (IM\u0026P - earlier releases were known as Cisco Unified Presence), Unified Communication Manager Session Management Edition (SME), Unified Contact Center Express (UCCx), Unified Intelligence Center (UIC), Unity Connection, Virtualized Voice Browser. This vulnerability also affects Prime Collaboration Assurance and Prime Collaboration Provisioning. Cisco Bug IDs: CSCvd10872, CSCvf64322, CSCvf64332, CSCvi29538, CSCvi29543, CSCvi29544, CSCvi29546, CSCvi29556, CSCvi29571, CSCvi31738, CSCvi31741, CSCvi31762, CSCvi31807, CSCvi31818, CSCvi31823."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-399"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-diskdos",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-diskdos"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2017-6779",
"datePublished": "2018-06-07T12:00:00",
"dateReserved": "2017-03-09T00:00:00",
"dateUpdated": "2024-11-29T15:07:21.731Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20278 (GCVE-0-2025-20278)
Vulnerability from nvd – Published: 2025-06-04 16:18 – Updated: 2025-06-06 03:55
VLAI?
Summary
A vulnerability in the CLI of multiple Cisco Unified Communications products could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user.
This vulnerability is due to improper validation of user-supplied command arguments. An attacker could exploit this vulnerability by executing crafted commands on the CLI of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user. To exploit this vulnerability, the attacker must have valid administrative credentials.
Severity ?
6 (Medium)
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco Finesse |
Affected:
11.0(1)ES_Rollback
Affected: 10.5(1)ES4 Affected: 11.6(1)ES3 Affected: 11.0(1)ES2 Affected: 12.0(1)ES2 Affected: 10.5(1)ES3 Affected: 11.0(1) Affected: 11.6(1)FIPS Affected: 11.6(1)ES4 Affected: 11.0(1)ES3 Affected: 10.5(1)ES6 Affected: 11.0(1)ES7 Affected: 11.5(1)ES4 Affected: 10.5(1)ES8 Affected: 11.5(1) Affected: 11.6(1) Affected: 10.5(1)ES10 Affected: 11.6(1)ES2 Affected: 11.6(1)ES Affected: 11.0(1)ES6 Affected: 11.0(1)ES4 Affected: 12.0(1) Affected: 11.6(1)ES7 Affected: 10.5(1)ES7 Affected: 11.6(1)ES8 Affected: 11.5(1)ES1 Affected: 11.6(1)ES1 Affected: 11.5(1)ES5 Affected: 11.0(1)ES1 Affected: 10.5(1) Affected: 11.6(1)ES6 Affected: 10.5(1)ES2 Affected: 12.0(1)ES1 Affected: 11.0(1)ES5 Affected: 10.5(1)ES5 Affected: 11.5(1)ES3 Affected: 11.5(1)ES2 Affected: 10.5(1)ES9 Affected: 11.6(1)ES5 Affected: 11.6(1)ES9 Affected: 11.5(1)ES6 Affected: 10.5(1)ES1 Affected: 12.5(1) Affected: 12.0(1)ES3 Affected: 11.6(1)ES10 Affected: 12.5(1)ES1 Affected: 12.5(1)ES2 Affected: 12.0(1)ES4 Affected: 12.5(1)ES3 Affected: 12.0(1)ES5 Affected: 12.5(1)ES4 Affected: 12.0(1)ES6 Affected: 12.5(1)ES5 Affected: 12.5(1)ES6 Affected: 12.0(1)ES7 Affected: 12.6(1) Affected: 12.5(1)ES7 Affected: 11.6(1)ES11 Affected: 12.6(1)ES1 Affected: 12.0(1)ES8 Affected: 12.5(1)ES8 Affected: 12.6(1)ES2 Affected: 12.6(1)ES3 Affected: 12.6(1)ES4 Affected: 12.6(1)ES5 Affected: 12.5(2) Affected: 12.5(1)_SU Affected: 12.5(1)SU Affected: 12.6(1)ES6 Affected: 12.5(1)SU ES1 Affected: 12.6(1)ES7 Affected: 12.6(1)ES7_ET Affected: 12.6(2) Affected: 12.6(1)ES8 Affected: 12.6(1)ES9 Affected: 12.6(2)ES1 Affected: 12.6(1)ES10 Affected: 12.5(1)SU ES2 Affected: 12.6(1)ES11 Affected: 12.6(2)ES2 Affected: 12.6(2)ES3 Affected: 12.5(1)SU ES3 Affected: 12.6(2)ES4 Affected: 12.6(2)ES5 |
|||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20278",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-05T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-06T03:55:32.661Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Finesse",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "11.0(1)ES_Rollback"
},
{
"status": "affected",
"version": "10.5(1)ES4"
},
{
"status": "affected",
"version": "11.6(1)ES3"
},
{
"status": "affected",
"version": "11.0(1)ES2"
},
{
"status": "affected",
"version": "12.0(1)ES2"
},
{
"status": "affected",
"version": "10.5(1)ES3"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "11.6(1)FIPS"
},
{
"status": "affected",
"version": "11.6(1)ES4"
},
{
"status": "affected",
"version": "11.0(1)ES3"
},
{
"status": "affected",
"version": "10.5(1)ES6"
},
{
"status": "affected",
"version": "11.0(1)ES7"
},
{
"status": "affected",
"version": "11.5(1)ES4"
},
{
"status": "affected",
"version": "10.5(1)ES8"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.5(1)ES10"
},
{
"status": "affected",
"version": "11.6(1)ES2"
},
{
"status": "affected",
"version": "11.6(1)ES"
},
{
"status": "affected",
"version": "11.0(1)ES6"
},
{
"status": "affected",
"version": "11.0(1)ES4"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "11.6(1)ES7"
},
{
"status": "affected",
"version": "10.5(1)ES7"
},
{
"status": "affected",
"version": "11.6(1)ES8"
},
{
"status": "affected",
"version": "11.5(1)ES1"
},
{
"status": "affected",
"version": "11.6(1)ES1"
},
{
"status": "affected",
"version": "11.5(1)ES5"
},
{
"status": "affected",
"version": "11.0(1)ES1"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "11.6(1)ES6"
},
{
"status": "affected",
"version": "10.5(1)ES2"
},
{
"status": "affected",
"version": "12.0(1)ES1"
},
{
"status": "affected",
"version": "11.0(1)ES5"
},
{
"status": "affected",
"version": "10.5(1)ES5"
},
{
"status": "affected",
"version": "11.5(1)ES3"
},
{
"status": "affected",
"version": "11.5(1)ES2"
},
{
"status": "affected",
"version": "10.5(1)ES9"
},
{
"status": "affected",
"version": "11.6(1)ES5"
},
{
"status": "affected",
"version": "11.6(1)ES9"
},
{
"status": "affected",
"version": "11.5(1)ES6"
},
{
"status": "affected",
"version": "10.5(1)ES1"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.0(1)ES3"
},
{
"status": "affected",
"version": "11.6(1)ES10"
},
{
"status": "affected",
"version": "12.5(1)ES1"
},
{
"status": "affected",
"version": "12.5(1)ES2"
},
{
"status": "affected",
"version": "12.0(1)ES4"
},
{
"status": "affected",
"version": "12.5(1)ES3"
},
{
"status": "affected",
"version": "12.0(1)ES5"
},
{
"status": "affected",
"version": "12.5(1)ES4"
},
{
"status": "affected",
"version": "12.0(1)ES6"
},
{
"status": "affected",
"version": "12.5(1)ES5"
},
{
"status": "affected",
"version": "12.5(1)ES6"
},
{
"status": "affected",
"version": "12.0(1)ES7"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "12.5(1)ES7"
},
{
"status": "affected",
"version": "11.6(1)ES11"
},
{
"status": "affected",
"version": "12.6(1)ES1"
},
{
"status": "affected",
"version": "12.0(1)ES8"
},
{
"status": "affected",
"version": "12.5(1)ES8"
},
{
"status": "affected",
"version": "12.6(1)ES2"
},
{
"status": "affected",
"version": "12.6(1)ES3"
},
{
"status": "affected",
"version": "12.6(1)ES4"
},
{
"status": "affected",
"version": "12.6(1)ES5"
},
{
"status": "affected",
"version": "12.5(2)"
},
{
"status": "affected",
"version": "12.5(1)_SU"
},
{
"status": "affected",
"version": "12.5(1)SU"
},
{
"status": "affected",
"version": "12.6(1)ES6"
},
{
"status": "affected",
"version": "12.5(1)SU ES1"
},
{
"status": "affected",
"version": "12.6(1)ES7"
},
{
"status": "affected",
"version": "12.6(1)ES7_ET"
},
{
"status": "affected",
"version": "12.6(2)"
},
{
"status": "affected",
"version": "12.6(1)ES8"
},
{
"status": "affected",
"version": "12.6(1)ES9"
},
{
"status": "affected",
"version": "12.6(2)ES1"
},
{
"status": "affected",
"version": "12.6(1)ES10"
},
{
"status": "affected",
"version": "12.5(1)SU ES2"
},
{
"status": "affected",
"version": "12.6(1)ES11"
},
{
"status": "affected",
"version": "12.6(2)ES2"
},
{
"status": "affected",
"version": "12.6(2)ES3"
},
{
"status": "affected",
"version": "12.5(1)SU ES3"
},
{
"status": "affected",
"version": "12.6(2)ES4"
},
{
"status": "affected",
"version": "12.6(2)ES5"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco SocialMiner",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.5(1)ES01"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.6(1)"
},
{
"status": "affected",
"version": "12.0(1)ES04"
},
{
"status": "affected",
"version": "10.6(2)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.0(1)ES02"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "12.0(1)ES03"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unified Communications Manager",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)SU4"
},
{
"status": "affected",
"version": "14"
},
{
"status": "affected",
"version": "12.5(1)SU5"
},
{
"status": "affected",
"version": "14SU1"
},
{
"status": "affected",
"version": "12.5(1)SU6"
},
{
"status": "affected",
"version": "14SU2"
},
{
"status": "affected",
"version": "12.5(1)SU7"
},
{
"status": "affected",
"version": "12.5(1)SU7a"
},
{
"status": "affected",
"version": "14SU3"
},
{
"status": "affected",
"version": "12.5(1)SU8"
},
{
"status": "affected",
"version": "12.5(1)SU8a"
},
{
"status": "affected",
"version": "15"
},
{
"status": "affected",
"version": "15SU1"
},
{
"status": "affected",
"version": "14SU4"
},
{
"status": "affected",
"version": "14SU4a"
},
{
"status": "affected",
"version": "15SU1a"
},
{
"status": "affected",
"version": "12.5(1)SU9"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unified Communications Manager IM and Presence Service",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)SU4"
},
{
"status": "affected",
"version": "14"
},
{
"status": "affected",
"version": "12.5(1)SU5"
},
{
"status": "affected",
"version": "14SU1"
},
{
"status": "affected",
"version": "12.5(1)SU6"
},
{
"status": "affected",
"version": "14SU2"
},
{
"status": "affected",
"version": "14SU2a"
},
{
"status": "affected",
"version": "12.5(1)SU7"
},
{
"status": "affected",
"version": "14SU3"
},
{
"status": "affected",
"version": "12.5(1)SU8"
},
{
"status": "affected",
"version": "15"
},
{
"status": "affected",
"version": "Recovery ISO"
},
{
"status": "affected",
"version": "15SU1"
},
{
"status": "affected",
"version": "14SU4"
},
{
"status": "affected",
"version": "12.5(1)SU9"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unified Contact Center Express",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.6(1)"
},
{
"status": "affected",
"version": "10.5(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU3"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "10.0(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU1"
},
{
"status": "affected",
"version": "11.0(1)SU1"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES01"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES01"
},
{
"status": "affected",
"version": "11.6(2)ES07"
},
{
"status": "affected",
"version": "11.6(2)ES08"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES01"
},
{
"status": "affected",
"version": "12.0(1)ES04"
},
{
"status": "affected",
"version": "12.5(1)ES02"
},
{
"status": "affected",
"version": "12.5(1)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES06"
},
{
"status": "affected",
"version": "12.5(1)ES01"
},
{
"status": "affected",
"version": "12.0(1)ES03"
},
{
"status": "affected",
"version": "12.0(1)ES01"
},
{
"status": "affected",
"version": "11.6(2)ES05"
},
{
"status": "affected",
"version": "12.0(1)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES04"
},
{
"status": "affected",
"version": "11.6(2)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES03"
},
{
"status": "affected",
"version": "11.0(1)SU1ES03"
},
{
"status": "affected",
"version": "10.6(1)SU3ES01"
},
{
"status": "affected",
"version": "10.5(1)SU1ES10"
},
{
"status": "affected",
"version": "10.0(1)SU1ES04"
},
{
"status": "affected",
"version": "11.5(1)SU1ES03"
},
{
"status": "affected",
"version": "11.6(1)ES02"
},
{
"status": "affected",
"version": "11.5(1)ES01"
},
{
"status": "affected",
"version": "9.0(2)SU3ES04"
},
{
"status": "affected",
"version": "10.6(1)SU2"
},
{
"status": "affected",
"version": "10.6(1)SU2ES04"
},
{
"status": "affected",
"version": "11.6(1)ES01"
},
{
"status": "affected",
"version": "10.6(1)SU3ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES01"
},
{
"status": "affected",
"version": "8.5(1)"
},
{
"status": "affected",
"version": "11.0(1)SU1ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES05"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES06"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unified Intelligence Center",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "11.0(2)"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "12.5(1)SU"
},
{
"status": "affected",
"version": "12.6(1)_ET"
},
{
"status": "affected",
"version": "12.6(1)_ES05_ET"
},
{
"status": "affected",
"version": "11.0(3)"
},
{
"status": "affected",
"version": "12.6(2)"
},
{
"status": "affected",
"version": "12.6(2)_504_Issue_ET"
},
{
"status": "affected",
"version": "12.6.1_ExcelIssue_ET"
},
{
"status": "affected",
"version": "12.6(2)_Permalink_ET"
},
{
"status": "affected",
"version": "12.6.2_CSCwk19536_ET"
},
{
"status": "affected",
"version": "12.6.2_CSCwm96922_ET"
},
{
"status": "affected",
"version": "12.6.2_Amq_OOS_ET"
},
{
"status": "affected",
"version": "12.5(2)ET_CSCwi79933"
},
{
"status": "affected",
"version": "12.6(2)_ET"
},
{
"status": "affected",
"version": "12.6.2_CSCwn48501_ET"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Unity Connection",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)SU4"
},
{
"status": "affected",
"version": "14"
},
{
"status": "affected",
"version": "12.5(1)SU5"
},
{
"status": "affected",
"version": "14SU1"
},
{
"status": "affected",
"version": "12.5(1)SU6"
},
{
"status": "affected",
"version": "14SU2"
},
{
"status": "affected",
"version": "12.5(1)SU7"
},
{
"status": "affected",
"version": "14SU3"
},
{
"status": "affected",
"version": "12.5(1)SU8"
},
{
"status": "affected",
"version": "14SU3a"
},
{
"status": "affected",
"version": "12.5(1)SU8a"
},
{
"status": "affected",
"version": "15"
},
{
"status": "affected",
"version": "15SU1"
},
{
"status": "affected",
"version": "14SU4"
},
{
"status": "affected",
"version": "12.5(1)SU9"
}
]
},
{
"defaultStatus": "unknown",
"product": "Cisco Virtualized Voice Browser",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "11.6(1)_ES84"
},
{
"status": "affected",
"version": "11.5(1)_ES54"
},
{
"status": "affected",
"version": "11.5(1)_ES27"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "11.5(1)ES36"
},
{
"status": "affected",
"version": "12.0(1)_ES01"
},
{
"status": "affected",
"version": "11.6(1)_ES85"
},
{
"status": "affected",
"version": "12.5(1)_ES05"
},
{
"status": "affected",
"version": "11.5(1)_ES32"
},
{
"status": "affected",
"version": "11.6(1)_ES83"
},
{
"status": "affected",
"version": "11.5(1)_ES29"
},
{
"status": "affected",
"version": "12.0(1)_ES06"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.0(1)_ES07"
},
{
"status": "affected",
"version": "11.6(1)_ES80"
},
{
"status": "affected",
"version": "12.0(1)_ES05"
},
{
"status": "affected",
"version": "11.5(1)_ES36"
},
{
"status": "affected",
"version": "11.5(1)_ES53"
},
{
"status": "affected",
"version": "12.5(1)_ES08"
},
{
"status": "affected",
"version": "11.5(1)ES43"
},
{
"status": "affected",
"version": "12.0(1)_ES03"
},
{
"status": "affected",
"version": "11.6(1)_ES86"
},
{
"status": "affected",
"version": "12.0(1)_ES04"
},
{
"status": "affected",
"version": "11.5(1)ES27"
},
{
"status": "affected",
"version": "12.5(1)_ES03"
},
{
"status": "affected",
"version": "11.6(1)_ES88"
},
{
"status": "affected",
"version": "12.5(1)_ES06"
},
{
"status": "affected",
"version": "11.6(1)_ES82"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "11.5(1)ES29"
},
{
"status": "affected",
"version": "12.5(1)_ES04"
},
{
"status": "affected",
"version": "12.5(1)_ES07"
},
{
"status": "affected",
"version": "11.6(1)_ES87"
},
{
"status": "affected",
"version": "11.6(1)_ES81"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "11.6(1)_ES22"
},
{
"status": "affected",
"version": "11.5(1)_ES43"
},
{
"status": "affected",
"version": "11.5(1)ES32"
},
{
"status": "affected",
"version": "12.0(1)_ES02"
},
{
"status": "affected",
"version": "12.5(1)_ES02"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "12.5(1)_ES09"
},
{
"status": "affected",
"version": "12.6(1)_ES01"
},
{
"status": "affected",
"version": "12.0(1)_ES08"
},
{
"status": "affected",
"version": "12.5(1)_ES10"
},
{
"status": "affected",
"version": "12.6(1)_ES02"
},
{
"status": "affected",
"version": "12.5(1)_ES11"
},
{
"status": "affected",
"version": "12.5(1)_ES12"
},
{
"status": "affected",
"version": "12.6(1)_ES03"
},
{
"status": "affected",
"version": "12.5(1)_ES13"
},
{
"status": "affected",
"version": "12.5(1)_ES14"
},
{
"status": "affected",
"version": "12.6(1)_ES04"
},
{
"status": "affected",
"version": "12.6(1)_ES05"
},
{
"status": "affected",
"version": "12.5(1)_ES15"
},
{
"status": "affected",
"version": "12.6(1)_ES06"
},
{
"status": "affected",
"version": "12.6(1)_ET"
},
{
"status": "affected",
"version": "12.5(1)_ES16"
},
{
"status": "affected",
"version": "12.5(1)SU"
},
{
"status": "affected",
"version": "12.5(1)_SU"
},
{
"status": "affected",
"version": "12.5(1)_SU_ES01"
},
{
"status": "affected",
"version": "12.6(1)_ES07"
},
{
"status": "affected",
"version": "12.6(2)"
},
{
"status": "affected",
"version": "12.5(1)_ES17"
},
{
"status": "affected",
"version": "12.6(1)_ES08"
},
{
"status": "affected",
"version": "12.6(1)_ES09"
},
{
"status": "affected",
"version": "12.6(1)_ES10"
},
{
"status": "affected",
"version": "12.5(1)_SU_ES02"
},
{
"status": "affected",
"version": "12.6(2)_ES01"
},
{
"status": "affected",
"version": "12.6(2)_ET01"
},
{
"status": "affected",
"version": "12.5(2)_ET"
},
{
"status": "affected",
"version": "12.6(2)_ES02"
},
{
"status": "affected",
"version": "12.6(2)_ET_Streaming"
},
{
"status": "affected",
"version": "12.6(2)ET_Transcribe"
},
{
"status": "affected",
"version": "12.6(2)_ES03"
},
{
"status": "affected",
"version": "12.6(2)ET_NuanceMix"
},
{
"status": "affected",
"version": "12.6(2)ET_FileUpload"
},
{
"status": "affected",
"version": "12.6(2)_ET02"
},
{
"status": "affected",
"version": "12.6(2)_ES04"
},
{
"status": "affected",
"version": "12.6.2ET_RTPfallback"
},
{
"status": "affected",
"version": "12.6.2ET_CSCwf55306"
},
{
"status": "affected",
"version": "12.6.2_ET_CSCwj36712"
},
{
"status": "affected",
"version": "12.5.2 ET-CSCwj33374"
},
{
"status": "affected",
"version": "12.5(1) SU ET"
},
{
"status": "affected",
"version": "12.6(2)ET_CSCwj87296"
},
{
"status": "affected",
"version": "12.6(2)_ES05"
},
{
"status": "affected",
"version": "12.5.2_ET_CSCvz27014"
},
{
"status": "affected",
"version": "12.6(2)_ET"
},
{
"status": "affected",
"version": "12.6.2-ET"
},
{
"status": "affected",
"version": "12.6(2)ET_CSCwk83135"
},
{
"status": "affected",
"version": "12.6.2_ET_CX_ALAW"
},
{
"status": "affected",
"version": "12.6.2-ET01-SSL"
},
{
"status": "affected",
"version": "12.6(2)_ES06"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI of multiple Cisco Unified Communications products could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user.\r\n\r\nThis vulnerability is due to improper validation of user-supplied command arguments. An attacker could exploit this vulnerability by executing crafted commands on the CLI of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user. To exploit this vulnerability, the attacker must have valid administrative credentials."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-04T16:18:20.661Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-vos-command-inject-65s2UCYy",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vos-command-inject-65s2UCYy"
}
],
"source": {
"advisory": "cisco-sa-vos-command-inject-65s2UCYy",
"defects": [
"CSCwk24029"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Unified Communications Products Command Injection Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20278",
"datePublished": "2025-06-04T16:18:20.661Z",
"dateReserved": "2024-10-10T19:15:13.246Z",
"dateUpdated": "2025-06-06T03:55:32.661Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20253 (GCVE-0-2024-20253)
Vulnerability from nvd – Published: 2024-01-26 17:28 – Updated: 2025-05-29 15:12
VLAI?
Summary
A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to the improper processing of user-provided data that is being read into memory. An attacker could exploit this vulnerability by sending a crafted message to a listening port of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of the web services user. With access to the underlying operating system, the attacker could also establish root access on the affected device.
Severity ?
9.9 (Critical)
CWE
- CWE-502 - Deserialization of Untrusted Data
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Cisco | Cisco Unified Contact Center Enterprise |
Affected:
N/A
|
|||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:52:31.560Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-cucm-rce-bWNzQcUm",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-rce-bWNzQcUm"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20253",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T15:42:43.844502Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-29T15:12:21.257Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Unified Contact Center Enterprise",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
},
{
"product": "Cisco Unity Connection",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.0(1)SU1"
},
{
"status": "affected",
"version": "12.0(1)SU2"
},
{
"status": "affected",
"version": "12.0(1)SU3"
},
{
"status": "affected",
"version": "12.0(1)SU4"
},
{
"status": "affected",
"version": "12.0(1)SU5"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)SU4"
},
{
"status": "affected",
"version": "12.5(1)SU5"
},
{
"status": "affected",
"version": "12.5(1)SU6"
},
{
"status": "affected",
"version": "12.5(1)SU7"
},
{
"status": "affected",
"version": "14"
},
{
"status": "affected",
"version": "14SU1"
},
{
"status": "affected",
"version": "14SU2"
}
]
},
{
"product": "Cisco Unified Communications Manager",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "12.0(1)SU1"
},
{
"status": "affected",
"version": "12.0(1)SU2"
},
{
"status": "affected",
"version": "12.0(1)SU3"
},
{
"status": "affected",
"version": "12.0(1)SU4"
},
{
"status": "affected",
"version": "12.0(1)SU5"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)SU4"
},
{
"status": "affected",
"version": "12.5(1)SU5"
},
{
"status": "affected",
"version": "12.5(1)SU6"
},
{
"status": "affected",
"version": "12.5(1)SU7"
},
{
"status": "affected",
"version": "12.5(1)SU7a"
},
{
"status": "affected",
"version": "14"
},
{
"status": "affected",
"version": "14SU1"
},
{
"status": "affected",
"version": "14SU2"
}
]
},
{
"product": "Cisco Unified Contact Center Express",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "8.5(1)"
},
{
"status": "affected",
"version": "9.0(2)SU3ES04"
},
{
"status": "affected",
"version": "10.0(1)SU1"
},
{
"status": "affected",
"version": "10.0(1)SU1ES04"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "10.5(1)SU1"
},
{
"status": "affected",
"version": "10.5(1)SU1ES10"
},
{
"status": "affected",
"version": "10.6(1)"
},
{
"status": "affected",
"version": "10.6(1)SU1"
},
{
"status": "affected",
"version": "10.6(1)SU3"
},
{
"status": "affected",
"version": "10.6(1)SU2"
},
{
"status": "affected",
"version": "10.6(1)SU3ES03"
},
{
"status": "affected",
"version": "10.6(1)SU2ES04"
},
{
"status": "affected",
"version": "10.6(1)SU3ES02"
},
{
"status": "affected",
"version": "10.6(1)SU3ES01"
},
{
"status": "affected",
"version": "11.0(1)SU1"
},
{
"status": "affected",
"version": "11.0(1)SU1ES03"
},
{
"status": "affected",
"version": "11.0(1)SU1ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "11.5(1)SU1ES02"
},
{
"status": "affected",
"version": "11.5(1)SU1ES01"
},
{
"status": "affected",
"version": "11.5(1)SU1ES03"
},
{
"status": "affected",
"version": "11.5(1)ES01"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.0(1)ES01"
},
{
"status": "affected",
"version": "12.0(1)ES03"
},
{
"status": "affected",
"version": "12.0(1)ES04"
},
{
"status": "affected",
"version": "12.0(1)ES02"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES03"
},
{
"status": "affected",
"version": "12.5(1)ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES01"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU01_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES03"
},
{
"status": "affected",
"version": "12.5(1)ES01"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES01"
},
{
"status": "affected",
"version": "12.5(1)ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES01"
},
{
"status": "affected",
"version": "12.5(1)_SU02_ES04"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES02"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES03"
},
{
"status": "affected",
"version": "12.5(1)_SU03_ES04"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "11.6(1)ES01"
},
{
"status": "affected",
"version": "11.6(2)ES06"
},
{
"status": "affected",
"version": "11.6(1)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES01"
},
{
"status": "affected",
"version": "11.6(2)ES03"
},
{
"status": "affected",
"version": "11.6(2)ES07"
},
{
"status": "affected",
"version": "11.6(2)ES08"
},
{
"status": "affected",
"version": "11.6(2)ES02"
},
{
"status": "affected",
"version": "11.6(2)ES05"
},
{
"status": "affected",
"version": "11.6(2)ES04"
}
]
},
{
"product": "Cisco Unified Communications Manager IM and Presence Service",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "10.5(2)"
},
{
"status": "affected",
"version": "10.5(2a)"
},
{
"status": "affected",
"version": "10.5(2b)"
},
{
"status": "affected",
"version": "10.5(2)SU3"
},
{
"status": "affected",
"version": "10.5(2)SU2a"
},
{
"status": "affected",
"version": "10.5(2)SU4a"
},
{
"status": "affected",
"version": "10.5(2)SU4"
},
{
"status": "affected",
"version": "10.5(1)SU3"
},
{
"status": "affected",
"version": "10.5(1)SU1"
},
{
"status": "affected",
"version": "10.5(2)SU1"
},
{
"status": "affected",
"version": "10.5(2)SU2"
},
{
"status": "affected",
"version": "10.5(1)SU2"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "11.5(1)SU2"
},
{
"status": "affected",
"version": "11.5(1)SU3"
},
{
"status": "affected",
"version": "11.5(1)SU3a"
},
{
"status": "affected",
"version": "11.5(1)SU4"
},
{
"status": "affected",
"version": "11.5(1)SU5"
},
{
"status": "affected",
"version": "11.5(1)SU5a"
},
{
"status": "affected",
"version": "11.5(1)SU6"
},
{
"status": "affected",
"version": "11.5(1)SU7"
},
{
"status": "affected",
"version": "11.5(1)SU8"
},
{
"status": "affected",
"version": "11.5(1)SU9"
},
{
"status": "affected",
"version": "11.5(1)SU10"
},
{
"status": "affected",
"version": "11.5(1)SU11"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "11.0(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)SU1"
},
{
"status": "affected",
"version": "12.5(1)SU2"
},
{
"status": "affected",
"version": "12.5(1)SU3"
},
{
"status": "affected",
"version": "12.5(1)SU4"
},
{
"status": "affected",
"version": "12.5(1)SU5"
},
{
"status": "affected",
"version": "12.5(1)SU6"
},
{
"status": "affected",
"version": "12.5(1)SU7"
},
{
"status": "affected",
"version": "14"
},
{
"status": "affected",
"version": "14SU1"
},
{
"status": "affected",
"version": "14SU2"
},
{
"status": "affected",
"version": "14SU2a"
},
{
"status": "affected",
"version": "10.0(1)"
},
{
"status": "affected",
"version": "10.0(1)SU1"
},
{
"status": "affected",
"version": "10.0(1)SU2"
}
]
},
{
"product": "Cisco Virtualized Voice Browser",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "11.5(1)ES29"
},
{
"status": "affected",
"version": "11.5(1)ES32"
},
{
"status": "affected",
"version": "11.5(1)_ES43"
},
{
"status": "affected",
"version": "11.5(1)_ES54"
},
{
"status": "affected",
"version": "11.5(1)_ES27"
},
{
"status": "affected",
"version": "11.5(1)ES36"
},
{
"status": "affected",
"version": "11.5(1)_ES32"
},
{
"status": "affected",
"version": "11.5(1)_ES29"
},
{
"status": "affected",
"version": "11.5(1)_ES36"
},
{
"status": "affected",
"version": "11.5(1)ES43"
},
{
"status": "affected",
"version": "11.5(1)_ES53"
},
{
"status": "affected",
"version": "11.5(1)ES27"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "11.6(1)_ES82"
},
{
"status": "affected",
"version": "11.6(1)_ES22"
},
{
"status": "affected",
"version": "11.6(1)_ES81"
},
{
"status": "affected",
"version": "11.6(1)_ES87"
},
{
"status": "affected",
"version": "11.6(1)_ES84"
},
{
"status": "affected",
"version": "11.6(1)_ES85"
},
{
"status": "affected",
"version": "11.6(1)_ES83"
},
{
"status": "affected",
"version": "11.6(1)_ES80"
},
{
"status": "affected",
"version": "11.6(1)_ES86"
},
{
"status": "affected",
"version": "11.6(1)_ES88"
},
{
"status": "affected",
"version": "12.5(1)_ES04"
},
{
"status": "affected",
"version": "12.5(1)_ES07"
},
{
"status": "affected",
"version": "12.5(1)_ES02"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(1)_ES08"
},
{
"status": "affected",
"version": "12.5(1)_ES03"
},
{
"status": "affected",
"version": "12.5(1)_ES06"
},
{
"status": "affected",
"version": "12.5(1)_ES09"
},
{
"status": "affected",
"version": "12.5(1)_ES14"
},
{
"status": "affected",
"version": "12.5(1)SU"
},
{
"status": "affected",
"version": "12.5(1)_ES15"
},
{
"status": "affected",
"version": "12.5(1)_SU"
},
{
"status": "affected",
"version": "12.5(1)_SU_ES01"
},
{
"status": "affected",
"version": "12.5(1)_ES11"
},
{
"status": "affected",
"version": "12.5(1)_ES12"
},
{
"status": "affected",
"version": "12.5(2)_ET"
},
{
"status": "affected",
"version": "12.5(1)_SU_ES02"
},
{
"status": "affected",
"version": "12.5(1)_ES10"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.0(1)_ES02"
},
{
"status": "affected",
"version": "12.0(1)_ES01"
},
{
"status": "affected",
"version": "12.0(1)_ES06"
},
{
"status": "affected",
"version": "12.0(1)_ES07"
},
{
"status": "affected",
"version": "12.0(1)_ES05"
},
{
"status": "affected",
"version": "12.0(1)_ES04"
},
{
"status": "affected",
"version": "12.0(1)_ES03"
},
{
"status": "affected",
"version": "12.0(1)_ES08"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "12.6(1)_ES04"
},
{
"status": "affected",
"version": "12.6(1)_ES03"
},
{
"status": "affected",
"version": "12.6(1)_ES09"
},
{
"status": "affected",
"version": "12.6(1)_ES06"
},
{
"status": "affected",
"version": "12.6(1)_ES08"
},
{
"status": "affected",
"version": "12.6(1)_ES05"
},
{
"status": "affected",
"version": "12.6(2)_ES03"
},
{
"status": "affected",
"version": "12.6(1)_ES02"
},
{
"status": "affected",
"version": "12.6(1)_ES01"
},
{
"status": "affected",
"version": "12.6(2)"
},
{
"status": "affected",
"version": "12.6(2)_ET01"
},
{
"status": "affected",
"version": "12.6(2)_ES02"
},
{
"status": "affected",
"version": "12.6(2)_ES01"
},
{
"status": "affected",
"version": "12.6(1)_ES07"
}
]
},
{
"product": "Cisco Packaged Contact Center Enterprise",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "10.5(2)"
},
{
"status": "affected",
"version": "10.5(1)_ES7"
},
{
"status": "affected",
"version": "10.5(2)_ES8"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "11.0(2)"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "11.6(1)"
},
{
"status": "affected",
"version": "11.6(2)"
},
{
"status": "affected",
"version": "12.0(1)"
},
{
"status": "affected",
"version": "12.5(1)"
},
{
"status": "affected",
"version": "12.5(2)"
},
{
"status": "affected",
"version": "12.6(1)"
},
{
"status": "affected",
"version": "12.6(2)"
}
]
},
{
"product": "Cisco Unified Communications Manager / Cisco Unity Connection",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "10.5(2)SU10"
},
{
"status": "affected",
"version": "10.5(1)"
},
{
"status": "affected",
"version": "10.5(1)SU1"
},
{
"status": "affected",
"version": "10.5(1)SU1a"
},
{
"status": "affected",
"version": "10.5(2)"
},
{
"status": "affected",
"version": "10.5(2)SU1"
},
{
"status": "affected",
"version": "10.5(2)SU2"
},
{
"status": "affected",
"version": "10.5(2)SU3"
},
{
"status": "affected",
"version": "10.5(2)SU4"
},
{
"status": "affected",
"version": "10.5(2)SU5"
},
{
"status": "affected",
"version": "10.5(2)SU6"
},
{
"status": "affected",
"version": "10.5(2)SU7"
},
{
"status": "affected",
"version": "10.5(2)SU8"
},
{
"status": "affected",
"version": "10.5(2)SU9"
},
{
"status": "affected",
"version": "10.5(2)SU2a"
},
{
"status": "affected",
"version": "10.5(2)SU3a"
},
{
"status": "affected",
"version": "10.5(2)SU4a"
},
{
"status": "affected",
"version": "10.5(2)SU6a"
},
{
"status": "affected",
"version": "11.0(1)"
},
{
"status": "affected",
"version": "11.0(1a)"
},
{
"status": "affected",
"version": "11.0(1a)SU1"
},
{
"status": "affected",
"version": "11.0(1a)SU2"
},
{
"status": "affected",
"version": "11.0(1a)SU3"
},
{
"status": "affected",
"version": "11.0(1a)SU3a"
},
{
"status": "affected",
"version": "11.0(1a)SU4"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "11.0.2"
},
{
"status": "affected",
"version": "11.0.5"
},
{
"status": "affected",
"version": "11.5(1)"
},
{
"status": "affected",
"version": "11.5(1)SU1"
},
{
"status": "affected",
"version": "11.5(1)SU2"
},
{
"status": "affected",
"version": "11.5(1)SU3"
},
{
"status": "affected",
"version": "11.5(1)SU3a"
},
{
"status": "affected",
"version": "11.5(1)SU3b"
},
{
"status": "affected",
"version": "11.5(1)SU4"
},
{
"status": "affected",
"version": "11.5(1)SU5"
},
{
"status": "affected",
"version": "11.5(1)SU6"
},
{
"status": "affected",
"version": "11.5(1)SU7"
},
{
"status": "affected",
"version": "11.5(1)SU8"
},
{
"status": "affected",
"version": "11.5(1)SU9"
},
{
"status": "affected",
"version": "11.5(1)SU10"
},
{
"status": "affected",
"version": "11.5(1)SU11"
},
{
"status": "affected",
"version": "10.0(1)SU2"
},
{
"status": "affected",
"version": "10.0(1)"
},
{
"status": "affected",
"version": "10.0(1)SU1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to the improper processing of user-provided data that is being read into memory. An attacker could exploit this vulnerability by sending a crafted message to a listening port of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of the web services user. With access to the underlying operating system, the attacker could also establish root access on the affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "Deserialization of Untrusted Data",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-02T15:42:33.881Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-cucm-rce-bWNzQcUm",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-rce-bWNzQcUm"
}
],
"source": {
"advisory": "cisco-sa-cucm-rce-bWNzQcUm",
"defects": [
"CSCwe18830",
"CSCwe18773",
"CSCwe18840",
"CSCwd64292",
"CSCwd64245",
"CSCwd64276"
],
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20253",
"datePublished": "2024-01-26T17:28:30.761Z",
"dateReserved": "2023-11-08T15:08:07.622Z",
"dateUpdated": "2025-05-29T15:12:21.257Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-44228 (GCVE-0-2021-44228)
Vulnerability from nvd – Published: 2021-12-10 00:00 – Updated: 2025-10-21 23:25
VLAI?
Summary
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache Log4j2 |
Affected:
2.0-beta9 , < log4j-core*
(custom)
|
Credits
This issue was discovered by Chen Zhaojun of Alibaba Cloud Security Team.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:17:24.696Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"name": "[oss-security] 20211210 CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/10/1"
},
{
"name": "[oss-security] 20211210 Re: CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/10/2"
},
{
"name": "20211210 Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
},
{
"name": "[oss-security] 20211210 Re: CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/10/3"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20211210-0007/"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/alert-cve-2021-44228.html"
},
{
"name": "DSA-5020",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2021/dsa-5020"
},
{
"name": "[debian-lts-announce] 20211212 [SECURITY] [DLA 2842-1] apache-log4j2 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00007.html"
},
{
"name": "FEDORA-2021-f0f501d01f",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU57UJDCFIASIO35GC55JMKSRXJMCDFM/"
},
{
"name": "Microsoft\u2019s Response to CVE-2021-44228 Apache Log4j 2",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/"
},
{
"name": "[oss-security] 20211213 Re: CVE-2021-4104: Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/13/2"
},
{
"name": "[oss-security] 20211213 CVE-2021-4104: Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/13/1"
},
{
"name": "[oss-security] 20211214 CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/14/4"
},
{
"name": "20211210 A Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
},
{
"name": "VU#930724",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/930724"
},
{
"tags": [
"x_transferred"
],
"url": "https://twitter.com/kurtseifried/status/1469345530182455296"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0028.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Code-Execution.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Information-Disclosure.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html"
},
{
"name": "20211210 Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
},
{
"name": "[oss-security] 20211215 Re: CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/15/3"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Word-Bypassing.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf"
},
{
"name": "FEDORA-2021-66d6c484f3",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB/"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0028.4.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Injection.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/cisagov/log4j-affected-db/blob/develop/SOFTWARE-LIST.md"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthenticated-Log4Shell-JNDI-Injection-Remote-Code-Execution.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html"
},
{
"name": "20220314 APPLE-SA-2022-03-14-7 Xcode 13.3",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/Mar/23"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0001"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/cisagov/log4j-affected-db"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/kb/HT213189"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44228"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.nu11secur1ty.com/2021/12/cve-2021-44228.html"
},
{
"name": "20220721 Open-Xchange Security Advisory 2022-07-21",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/Jul/11"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7.10.x-Cross-Site-Scripting-Command-Injection.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/167917/MobileIron-Log4Shell-Remote-Command-Execution.html"
},
{
"name": "20221208 Intel Data Center Manager \u003c= 5.1 Local Privileges Escalation",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/Dec/2"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/171626/AD-Manager-Plus-7122-Remote-Code-Execution.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2021-44228",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T14:25:34.416117Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2021-12-10",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-44228"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:25:23.121Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-44228"
}
],
"timeline": [
{
"lang": "en",
"time": "2021-12-10T00:00:00+00:00",
"value": "CVE-2021-44228 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Apache Log4j2",
"vendor": "Apache Software Foundation",
"versions": [
{
"changes": [
{
"at": "2.3.1",
"status": "unaffected"
},
{
"at": "2.4",
"status": "affected"
},
{
"at": "2.12.2",
"status": "unaffected"
},
{
"at": "2.13.0",
"status": "affected"
},
{
"at": "2.15.0",
"status": "unaffected"
}
],
"lessThan": "log4j-core*",
"status": "affected",
"version": "2.0-beta9",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "This issue was discovered by Chen Zhaojun of Alibaba Cloud Security Team."
}
],
"descriptions": [
{
"lang": "en",
"value": "Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects."
}
],
"metrics": [
{
"other": {
"content": {
"other": "critical"
},
"type": "unknown"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-502",
"description": "CWE-502 Deserialization of Untrusted Data",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-03T00:00:00.000Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"url": "https://logging.apache.org/log4j/2.x/security.html"
},
{
"name": "[oss-security] 20211210 CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/10/1"
},
{
"name": "[oss-security] 20211210 Re: CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/10/2"
},
{
"name": "20211210 Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021",
"tags": [
"vendor-advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
},
{
"name": "[oss-security] 20211210 Re: CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/10/3"
},
{
"url": "https://security.netapp.com/advisory/ntap-20211210-0007/"
},
{
"url": "http://packetstormsecurity.com/files/165225/Apache-Log4j2-2.14.1-Remote-Code-Execution.html"
},
{
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032"
},
{
"url": "https://www.oracle.com/security-alerts/alert-cve-2021-44228.html"
},
{
"name": "DSA-5020",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2021/dsa-5020"
},
{
"name": "[debian-lts-announce] 20211212 [SECURITY] [DLA 2842-1] apache-log4j2 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00007.html"
},
{
"name": "FEDORA-2021-f0f501d01f",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VU57UJDCFIASIO35GC55JMKSRXJMCDFM/"
},
{
"name": "Microsoft\u2019s Response to CVE-2021-44228 Apache Log4j 2",
"tags": [
"vendor-advisory"
],
"url": "https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/"
},
{
"name": "[oss-security] 20211213 Re: CVE-2021-4104: Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/13/2"
},
{
"name": "[oss-security] 20211213 CVE-2021-4104: Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/13/1"
},
{
"name": "[oss-security] 20211214 CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/14/4"
},
{
"name": "20211210 A Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021",
"tags": [
"vendor-advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
},
{
"name": "VU#930724",
"tags": [
"third-party-advisory"
],
"url": "https://www.kb.cert.org/vuls/id/930724"
},
{
"url": "https://twitter.com/kurtseifried/status/1469345530182455296"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf"
},
{
"url": "http://packetstormsecurity.com/files/165260/VMware-Security-Advisory-2021-0028.html"
},
{
"url": "http://packetstormsecurity.com/files/165270/Apache-Log4j2-2.14.1-Remote-Code-Execution.html"
},
{
"url": "http://packetstormsecurity.com/files/165261/Apache-Log4j2-2.14.1-Information-Disclosure.html"
},
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html"
},
{
"name": "20211210 Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021",
"tags": [
"vendor-advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd"
},
{
"name": "[oss-security] 20211215 Re: CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2021/12/15/3"
},
{
"url": "http://packetstormsecurity.com/files/165282/Log4j-Payload-Generator.html"
},
{
"url": "http://packetstormsecurity.com/files/165281/Log4j2-Log4Shell-Regexes.html"
},
{
"url": "http://packetstormsecurity.com/files/165307/Log4j-Remote-Code-Execution-Word-Bypassing.html"
},
{
"url": "http://packetstormsecurity.com/files/165311/log4j-scan-Extensive-Scanner.html"
},
{
"url": "http://packetstormsecurity.com/files/165306/L4sh-Log4j-Remote-Code-Execution.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf"
},
{
"name": "FEDORA-2021-66d6c484f3",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M5CSVUNV4HWZZXGOKNSK6L7RPM7BOKIB/"
},
{
"url": "http://packetstormsecurity.com/files/165371/VMware-Security-Advisory-2021-0028.4.html"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf"
},
{
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"url": "http://packetstormsecurity.com/files/165532/Log4Shell-HTTP-Header-Injection.html"
},
{
"url": "https://github.com/cisagov/log4j-affected-db/blob/develop/SOFTWARE-LIST.md"
},
{
"url": "http://packetstormsecurity.com/files/165642/VMware-vCenter-Server-Unauthenticated-Log4Shell-JNDI-Injection-Remote-Code-Execution.html"
},
{
"url": "http://packetstormsecurity.com/files/165673/UniFi-Network-Application-Unauthenticated-Log4Shell-Remote-Code-Execution.html"
},
{
"name": "20220314 APPLE-SA-2022-03-14-7 Xcode 13.3",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2022/Mar/23"
},
{
"url": "https://www.bentley.com/en/common-vulnerability-exposure/be-2022-0001"
},
{
"url": "https://github.com/cisagov/log4j-affected-db"
},
{
"url": "https://support.apple.com/kb/HT213189"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"url": "https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-44228"
},
{
"url": "https://www.nu11secur1ty.com/2021/12/cve-2021-44228.html"
},
{
"name": "20220721 Open-Xchange Security Advisory 2022-07-21",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2022/Jul/11"
},
{
"url": "http://packetstormsecurity.com/files/167794/Open-Xchange-App-Suite-7.10.x-Cross-Site-Scripting-Command-Injection.html"
},
{
"url": "http://packetstormsecurity.com/files/167917/MobileIron-Log4Shell-Remote-Command-Execution.html"
},
{
"name": "20221208 Intel Data Center Manager \u003c= 5.1 Local Privileges Escalation",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2022/Dec/2"
},
{
"url": "http://packetstormsecurity.com/files/171626/AD-Manager-Plus-7122-Remote-Code-Execution.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints",
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2021-44228",
"datePublished": "2021-12-10T00:00:00.000Z",
"dateReserved": "2021-11-26T00:00:00.000Z",
"dateUpdated": "2025-10-21T23:25:23.121Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-1575 (GCVE-0-2021-1575)
Vulnerability from nvd – Published: 2021-07-08 18:30 – Updated: 2024-11-07 22:07
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco Virtualized Voice Browser could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
Severity ?
6.1 (Medium)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Virtualized Voice Browser |
Affected:
n/a
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:18:10.282Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210707 Cisco Virtualized Voice Browser Cross-Site Scripting Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vvb-xss-wG4zXRp3"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1575",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:41:28.920055Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T22:07:36.525Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Virtualized Voice Browser",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-07-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Virtualized Voice Browser could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-07-08T18:30:18",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210707 Cisco Virtualized Voice Browser Cross-Site Scripting Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vvb-xss-wG4zXRp3"
}
],
"source": {
"advisory": "cisco-sa-vvb-xss-wG4zXRp3",
"defect": [
[
"CSCvx89188"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Virtualized Voice Browser Cross-Site Scripting Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-07-07T16:00:00",
"ID": "CVE-2021-1575",
"STATE": "PUBLIC",
"TITLE": "Cisco Virtualized Voice Browser Cross-Site Scripting Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Virtualized Voice Browser",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web-based management interface of Cisco Virtualized Voice Browser could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210707 Cisco Virtualized Voice Browser Cross-Site Scripting Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vvb-xss-wG4zXRp3"
}
]
},
"source": {
"advisory": "cisco-sa-vvb-xss-wG4zXRp3",
"defect": [
[
"CSCvx89188"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1575",
"datePublished": "2021-07-08T18:30:18.612729Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-07T22:07:36.525Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-6779 (GCVE-0-2017-6779)
Vulnerability from nvd – Published: 2018-06-07 12:00 – Updated: 2024-11-29 15:07
VLAI?
Summary
Multiple Cisco products are affected by a vulnerability in local file management for certain system log files of Cisco collaboration products that could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition. The vulnerability occurs because a certain system log file does not have a maximum size restriction. Therefore, the file is allowed to consume the majority of available disk space on the appliance. An attacker could exploit this vulnerability by sending crafted remote connection requests to the appliance. Successful exploitation could allow the attacker to increase the size of a system log file so that it consumes most of the disk space. The lack of available disk space could lead to a DoS condition in which the application functions could operate abnormally, making the appliance unstable. This vulnerability affects the following Cisco Voice Operating System (VOS)-based products: Emergency Responder, Finesse, Hosted Collaboration Mediation Fulfillment, MediaSense, Prime License Manager, SocialMiner, Unified Communications Manager (UCM), Unified Communications Manager IM and Presence Service (IM&P - earlier releases were known as Cisco Unified Presence), Unified Communication Manager Session Management Edition (SME), Unified Contact Center Express (UCCx), Unified Intelligence Center (UIC), Unity Connection, Virtualized Voice Browser. This vulnerability also affects Prime Collaboration Assurance and Prime Collaboration Provisioning. Cisco Bug IDs: CSCvd10872, CSCvf64322, CSCvf64332, CSCvi29538, CSCvi29543, CSCvi29544, CSCvi29546, CSCvi29556, CSCvi29571, CSCvi31738, CSCvi31741, CSCvi31762, CSCvi31807, CSCvi31818, CSCvi31823.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Multiple Cisco Products unknown |
Affected:
Multiple Cisco Products unknown
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:41:17.143Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-diskdos"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-6779",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-29T14:43:53.428544Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-29T15:07:21.731Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Multiple Cisco Products unknown",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Multiple Cisco Products unknown"
}
]
}
],
"datePublic": "2018-06-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple Cisco products are affected by a vulnerability in local file management for certain system log files of Cisco collaboration products that could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition. The vulnerability occurs because a certain system log file does not have a maximum size restriction. Therefore, the file is allowed to consume the majority of available disk space on the appliance. An attacker could exploit this vulnerability by sending crafted remote connection requests to the appliance. Successful exploitation could allow the attacker to increase the size of a system log file so that it consumes most of the disk space. The lack of available disk space could lead to a DoS condition in which the application functions could operate abnormally, making the appliance unstable. This vulnerability affects the following Cisco Voice Operating System (VOS)-based products: Emergency Responder, Finesse, Hosted Collaboration Mediation Fulfillment, MediaSense, Prime License Manager, SocialMiner, Unified Communications Manager (UCM), Unified Communications Manager IM and Presence Service (IM\u0026P - earlier releases were known as Cisco Unified Presence), Unified Communication Manager Session Management Edition (SME), Unified Contact Center Express (UCCx), Unified Intelligence Center (UIC), Unity Connection, Virtualized Voice Browser. This vulnerability also affects Prime Collaboration Assurance and Prime Collaboration Provisioning. Cisco Bug IDs: CSCvd10872, CSCvf64322, CSCvf64332, CSCvi29538, CSCvi29543, CSCvi29544, CSCvi29546, CSCvi29556, CSCvi29571, CSCvi31738, CSCvi31741, CSCvi31762, CSCvi31807, CSCvi31818, CSCvi31823."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-399",
"description": "CWE-399",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-07T11:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-diskdos"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2017-6779",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Multiple Cisco Products unknown",
"version": {
"version_data": [
{
"version_value": "Multiple Cisco Products unknown"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple Cisco products are affected by a vulnerability in local file management for certain system log files of Cisco collaboration products that could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition. The vulnerability occurs because a certain system log file does not have a maximum size restriction. Therefore, the file is allowed to consume the majority of available disk space on the appliance. An attacker could exploit this vulnerability by sending crafted remote connection requests to the appliance. Successful exploitation could allow the attacker to increase the size of a system log file so that it consumes most of the disk space. The lack of available disk space could lead to a DoS condition in which the application functions could operate abnormally, making the appliance unstable. This vulnerability affects the following Cisco Voice Operating System (VOS)-based products: Emergency Responder, Finesse, Hosted Collaboration Mediation Fulfillment, MediaSense, Prime License Manager, SocialMiner, Unified Communications Manager (UCM), Unified Communications Manager IM and Presence Service (IM\u0026P - earlier releases were known as Cisco Unified Presence), Unified Communication Manager Session Management Edition (SME), Unified Contact Center Express (UCCx), Unified Intelligence Center (UIC), Unity Connection, Virtualized Voice Browser. This vulnerability also affects Prime Collaboration Assurance and Prime Collaboration Provisioning. Cisco Bug IDs: CSCvd10872, CSCvf64322, CSCvf64332, CSCvi29538, CSCvi29543, CSCvi29544, CSCvi29546, CSCvi29556, CSCvi29571, CSCvi31738, CSCvi31741, CSCvi31762, CSCvi31807, CSCvi31818, CSCvi31823."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-399"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-diskdos",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180606-diskdos"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2017-6779",
"datePublished": "2018-06-07T12:00:00",
"dateReserved": "2017-03-09T00:00:00",
"dateUpdated": "2024-11-29T15:07:21.731Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}