This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
Summuary | |
---|---|
CPE Name | cpe:/a:cisco:unified_communications_manager:5.1:(2) |
Detail | |||
---|---|---|---|
Vendor | Cisco | First view | 2008-05-16 |
Product | Unified Communications Manager | Last view | 2014-11-13 |
Version | 5.1 | Type | Application |
Edition | |||
Language | |||
Update | (2) | ||
CPE Product | cpe:/a:cisco:unified_communications_manager |
Activity : Overall
Related : CVE
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date | Alert | Access Vector | Access Complexity | Authentication | ||
---|---|---|---|---|---|---|
4.3 | 2014-11-13 | CVE-2014-7991 | Network | Medium | None Requ... | |
4 | 2014-08-11 | CVE-2014-3332 | Network | Low | Requires ... | |
6.8 | 2014-02-26 | CVE-2014-0747 | Local | Low | Requires ... | |
5 | 2014-02-26 | CVE-2014-0743 | Network | Low | None Requ... | |
6.2 | 2014-02-26 | CVE-2014-0742 | Local | Low | Requires ... | |
Date | Alert | Access Vector | Access Complexity | Authentication | ||
---|---|---|---|---|---|---|
6.2 | 2014-02-26 | CVE-2014-0741 | Local | Low | Requires ... | |
6.8 | 2014-02-26 | CVE-2014-0740 | Network | Medium | None Requ... | |
5 | 2014-02-22 | CVE-2014-0731 | Network | Low | None Requ... | |
6.8 | 2014-02-20 | CVE-2014-0736 | Network | Medium | None Requ... | |
4.3 | 2014-02-20 | CVE-2014-0735 | Network | Medium | None Requ... | |
7.5 | 2014-02-20 | CVE-2014-0734 | Network | Low | None Requ... | |
5 | 2014-02-20 | CVE-2014-0733 | Network | Low | None Requ... | |
5 | 2014-02-20 | CVE-2014-0732 | Network | Low | None Requ... | |
7.5 | 2014-02-13 | CVE-2014-0728 | Network | Low | None Requ... | |
7.5 | 2014-02-13 | CVE-2014-0726 | Network | Low | None Requ... | |
4 | 2014-02-13 | CVE-2014-0724 | Network | Low | Requires ... | |
6 | 2014-02-04 | CVE-2014-0686 | Local | High | Requires ... | |
4 | 2014-01-08 | CVE-2014-0657 | Network | Low | Requires ... | |
4 | 2013-12-21 | CVE-2013-6978 | Network | Low | Requires ... | |
6.9 | 2013-11-17 | CVE-2013-6689 | Local | Medium | None Requ... | |
6.3 | 2013-11-17 | CVE-2013-6688 | Network | Medium | Requires ... | |
7.8 | 2013-08-22 | CVE-2013-3453 | Network | Low | None Requ... | |
7.8 | 2010-08-26 | CVE-2010-2838 | Network | Low | None Requ... | |
7.8 | 2010-08-26 | CVE-2010-2837 | Network | Low | None Requ... |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
34% (10) | CWE-20 | Improper Input Validation |
10% (3) | CWE-399 | Resource Management Errors |
10% (3) | CWE-287 | Improper Authentication |
10% (3) | CWE-264 | Permissions, Privileges, and Access Controls |
10% (3) | CWE-89 | Improper Sanitization of Special Elements used in an SQL Command ('... |
% | id | Name |
---|---|---|
6% (2) | CWE-352 | Cross-Site Request Forgery (CSRF) |
6% (2) | CWE-310 | Cryptographic Issues |
3% (1) | CWE-200 | Information Exposure |
3% (1) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
3% (1) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
CAPEC : Common Attack Pattern Enumeration & Classification
id | Name |
---|---|
CAPEC-2 | Inducing Account Lockout |
CAPEC-82 | Violating Implicit Assumptions Regarding XML Content (aka XML Denial of Servi... |
CAPEC-99 | XML Parser Attack |
CAPEC-119 | Resource Depletion |
CAPEC-121 | Locate and Exploit Test APIs |
id | Name |
---|---|
CAPEC-125 | Resource Depletion through Flooding |
CAPEC-130 | Resource Depletion through Allocation |
CAPEC-147 | XML Ping of Death |
CAPEC-197 | XEE (XML Entity Expansion) |
CAPEC-227 | Denial of Service through Resource Depletion |
CAPEC-228 | Resource Depletion through DTD Injection in a SOAP Message |
CAPEC-229 | XML Attribute Blowup |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
67565 | Cisco Unified Communications Manager SIPStationInit Malformed SIP Message Rem... |
67564 | Cisco Unified Communications Manager SendCombinedStatusInfo Malformed SIP REG... |
57456 | Cisco Unified Communications Manager SIP Packet Processing Unspecified Remote... |
57455 | Cisco Unified Communications Manager SCCP Packet Handling Unspecified Remote DoS |
57454 | Cisco Unified Communications Manager Embedded Firewall Network Connection Sat... |
id | Description |
---|---|
57453 | Cisco Unified Communications Manager SIP Trunk Malformed Packet Handling Remo... |
57452 | Cisco Unified Communications Manager Unspecified SIP Packet Handling Remote DoS |
52317 | Cisco Unified Communications Manager Certificate Authority Proxy Function (CA... |
46814 | Cisco Unified Communications Manager (CUCM) Computer Telephony Integration (C... |
45209 | Cisco Unified Communications Manager Certificate Trust List (CTL) Provider Se... |
45208 | Cisco Unified Communications Manager Certificate Trust List (CTL) Provider Se... |
45206 | Cisco Unified Communications Manager SIP JOIN Message Handling Remote DoS |
45205 | Cisco Unified Communications Manager SNMP Trap Agent Service Malformed UDP Pa... |
45204 | Cisco Unified Communications Manager SIP INVITE Handling Remote DoS (CSCsk46944) |
45203 | Cisco Unified Communications Manager SIP INVITE Handling Remote DoS (CSCsl22355) |
Information Assurance Vulnerability Management (IAVM)
id | Description |
---|---|
2013-B-0094 | Cisco Unified Communications Manager IM and Presence Service Remote Denial of... Severity : Category I - VMSKEY : V0040164 |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2014-12-29 | Name : The remote device is affected by a security bypass vulnerability. File : cisco_cucm_CSCuq86376.nasl - Type : ACT_GATHER_INFO |
2013-09-03 | Name : The remote host is missing a vendor-supplied security patch. File : cisco-sa-20130821-cups.nasl - Type : ACT_GATHER_INFO |
2010-09-22 | Name : The remote device is missing a vendor-supplied security patch. File : cisco-sa-20100922-siphttp.nasl - Type : ACT_GATHER_INFO |