This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Name cpe:/a:cisco:unified_communications_manager:5.1:
Detail
Vendor Cisco First view 2007-08-09
Product Unified Communications Manager Last view 2014-01-08
Version 5.1 Type Application
Edition  
Language  
Update  
 
CPE Product cpe:/a:cisco:unified_communications_manager

Activity : Overall

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
4 2014-01-08 CVE-2014-0657 Network Low Requires ...
4 2013-12-21 CVE-2013-6978 Network Low Requires ...
6.9 2013-11-17 CVE-2013-6689 Local Medium None Requ...
6.3 2013-11-17 CVE-2013-6688 Network Medium Requires ...
7.8 2013-08-22 CVE-2013-3453 Network Low None Requ...
Hide | Show 12 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
7.8 2011-10-27 CVE-2011-3315 Network Low None Requ...
7.8 2009-08-27 CVE-2009-2054 Network Low None Requ...
7.8 2009-08-27 CVE-2009-2053 Network Low None Requ...
7.8 2009-08-27 CVE-2009-2052 Network Low None Requ...
7.8 2009-08-27 CVE-2009-2051 Network Low None Requ...
7.8 2009-08-27 CVE-2009-2050 Network Low None Requ...
4.3 2009-01-22 CVE-2009-0057 Network Medium None Requ...
7.1 2008-09-26 CVE-2008-3801 Network Medium None Requ...
7.1 2008-09-26 CVE-2008-3800 Network Medium None Requ...
5 2008-06-26 CVE-2008-2730 Network Low None Requ...
10 2008-04-04 CVE-2008-1154 Network Low None Requ...
6.8 2007-08-09 CVE-2007-4294 Network Medium None Requ...

CWE : Common Weakness Enumeration

%idName
22% (2)CWE-287Improper Authentication
22% (2)CWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path ...
22% (2)CWE-20Improper Input Validation
11% (1)CWE-399Resource Management Errors
11% (1)CWE-264Permissions, Privileges, and Access Controls
Hide | Show 1 More...
%idName
11% (1)CWE-200Information Exposure

CAPEC : Common Attack Pattern Enumeration & Classification

idName
CAPEC-2Inducing Account Lockout
CAPEC-82Violating Implicit Assumptions Regarding XML Content (aka XML Denial of Servi...
CAPEC-99XML Parser Attack
CAPEC-119Resource Depletion
CAPEC-121Locate and Exploit Test APIs
Hide | Show 7 More...
idName
CAPEC-125Resource Depletion through Flooding
CAPEC-130Resource Depletion through Allocation
CAPEC-147XML Ping of Death
CAPEC-197XEE (XML Entity Expansion)
CAPEC-227Denial of Service through Resource Depletion
CAPEC-228Resource Depletion through DTD Injection in a SOAP Message
CAPEC-229XML Attribute Blowup

Oval Markup Language : Definitions

OvalIDName
oval:org.mitre.oval:def:5851Cisco IOS Session Initiation Protocol (SIP) Packet Arbitrary Code Execution V...
oval:org.mitre.oval:def:6086Cisco IOS Session Initiation Protocol Denial of Service Vulnerability
oval:org.mitre.oval:def:6047Cisco IOS Session Initiation Protocol Denial of Service Vulnerability

Open Source Vulnerability Database (OSVDB)

idDescription
76572Cisco Multiple Products Unspecified URI Traversal Aribtrary File Access
57456Cisco Unified Communications Manager SIP Packet Processing Unspecified Remote...
57455Cisco Unified Communications Manager SCCP Packet Handling Unspecified Remote DoS
57454Cisco Unified Communications Manager Embedded Firewall Network Connection Sat...
57453Cisco Unified Communications Manager SIP Trunk Malformed Packet Handling Remo...
Hide | Show 7 More...
idDescription
57452Cisco Unified Communications Manager Unspecified SIP Packet Handling Remote DoS
52317Cisco Unified Communications Manager Certificate Authority Proxy Function (CA...
48715Cisco IOS / CUCM SIP Packet Handling Unspecified Remote DoS (3801)
48714Cisco IOS / CUCM SIP Packet Handling Unspecified Remote DoS (3800)
46815Cisco Unified Communications Manager (CUCM) RIS Data Collector Authentication...
44032Cisco Unified Communications Disaster Recovery Framework (DRF) Arbitrary Remo...
36693Cisco Unified Communications Manager (CUCM) Crafted SIP Packet Remote Code Ex...

OpenVAS Exploits

idDescription
2012-01-26Name : Multiple Cisco Products 'file' Parameter () Directory Traversal Vulnerability
File : nvt/gb_cisco_multiple_products_50372.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2013-B-0094Cisco Unified Communications Manager IM and Presence Service Remote Denial of...
Severity : Category I - VMSKEY : V0040164

Nessus® Vulnerability Scanner

idDescription
2013-09-03Name : The remote host is missing a vendor-supplied security patch.
File : cisco-sa-20130821-cups.nasl - Type : ACT_GATHER_INFO
2010-09-22Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20100922-siphttp.nasl - Type : ACT_GATHER_INFO
2010-09-01Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20070808-IOS-voice.nasl - Type : ACT_GATHER_INFO
2010-09-01Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20080924-siphttp.nasl - Type : ACT_GATHER_INFO