This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:cisco:unified_communications_manager:5.1(2)
Detail
VendorCiscoFirst view 2007-07-15
ProductUnified Communications ManagerLast view 2014-01-08
Version5.1(2)TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:cisco:unified_communications_manager

Activity : Overall

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
42014-01-08CVE-2014-0657NetworkLowRequires ...
42013-12-21CVE-2013-6978NetworkLowRequires ...
6.92013-11-17CVE-2013-6689LocalMediumNone Requ...
6.32013-11-17CVE-2013-6688NetworkMediumRequires ...
7.82013-08-22CVE-2013-3453NetworkLowNone Requ...
Hide | Show 13 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
7.82011-10-27CVE-2011-3315NetworkLowNone Requ...
7.82009-09-28CVE-2009-2864NetworkLowNone Requ...
7.82009-08-27CVE-2009-2054NetworkLowNone Requ...
7.82009-08-27CVE-2009-2053NetworkLowNone Requ...
7.82009-08-27CVE-2009-2052NetworkLowNone Requ...
7.82009-08-27CVE-2009-2051NetworkLowNone Requ...
7.82009-08-27CVE-2009-2050NetworkLowNone Requ...
92009-03-12CVE-2009-0632NetworkLowRequires ...
4.32009-01-22CVE-2009-0057NetworkMediumNone Requ...
102007-10-17CVE-2007-5538NetworkLowNone Requ...
7.82007-10-17CVE-2007-5537NetworkLowNone Requ...
52007-07-15CVE-2007-3776NetworkLowNone Requ...
7.82007-07-15CVE-2007-3775NetworkLowNone Requ...

CWE : Common Weakness Enumeration

%idName
20% (2)CWE-399Resource Management Errors
20% (2)CWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path ...
20% (2)CWE-20Improper Input Validation
10% (1)CWE-264Permissions, Privileges, and Access Controls
10% (1)CWE-255Credentials Management
Hide | Show 2 More...
%idName
10% (1)CWE-200Information Exposure
10% (1)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer

CAPEC : Common Attack Pattern Enumeration & Classification

idName
CAPEC-2Inducing Account Lockout
CAPEC-82Violating Implicit Assumptions Regarding XML Content (aka XML Denial of Servi...
CAPEC-99XML Parser Attack
CAPEC-119Resource Depletion
CAPEC-121Locate and Exploit Test APIs
Hide | Show 7 More...
idName
CAPEC-125Resource Depletion through Flooding
CAPEC-130Resource Depletion through Allocation
CAPEC-147XML Ping of Death
CAPEC-197XEE (XML Entity Expansion)
CAPEC-227Denial of Service through Resource Depletion
CAPEC-228Resource Depletion through DTD Injection in a SOAP Message
CAPEC-229XML Attribute Blowup

Open Source Vulnerability Database (OSVDB)

idDescription
76572Cisco Multiple Products Unspecified URI Traversal Aribtrary File Access
58344Cisco Unified Communications Manager Malformed SIP Packet Processing Remote DoS
57456Cisco Unified Communications Manager SIP Packet Processing Unspecified Remote...
57455Cisco Unified Communications Manager SCCP Packet Handling Unspecified Remote DoS
57454Cisco Unified Communications Manager Embedded Firewall Network Connection Sat...
Hide | Show 8 More...
idDescription
57453Cisco Unified Communications Manager SIP Trunk Malformed Packet Handling Remo...
57452Cisco Unified Communications Manager Unspecified SIP Packet Handling Remote DoS
52589Cisco Unified Communications Manager IP Phone PAB Disclosure Privilege Escala...
52317Cisco Unified Communications Manager Certificate Authority Proxy Function (CA...
37941Cisco Unified Communications Manager (CUCM) SIP INVITE Message Saturation Rem...
37940Cisco Unified Communications Manager (CUCM) Centralized TFTP File Locator Ser...
36124Cisco CUCM / CUPS Unspecified SNMP Information Disclosure
36123Cisco CUCM / CUPS Unspecified Cluster Services DoS

OpenVAS Exploits

idDescription
2012-01-26Name : Multiple Cisco Products 'file' Parameter () Directory Traversal Vulnerability
File : nvt/gb_cisco_multiple_products_50372.nasl
2009-03-13Name : Ubuntu USN-731-1 (apache2)
File : nvt/ubuntu_731_1.nasl
2009-03-13Name : Ubuntu USN-732-1 (dash)
File : nvt/ubuntu_732_1.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2013-B-0094Cisco Unified Communications Manager IM and Presence Service Remote Denial of...
Severity : Category I - VMSKEY : V0040164

Nessus® Vulnerability Scanner

idDescription
2013-09-03Name : The remote host is missing a vendor-supplied security patch.
File : cisco-sa-20130821-cups.nasl - Type : ACT_GATHER_INFO
2010-09-22Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20100922-siphttp.nasl - Type : ACT_GATHER_INFO