This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:cisco:unified_communications_manager:6.0:
Detail
VendorCiscoFirst view 2007-08-09
ProductUnified Communications ManagerLast view 2014-01-08
Version6.0TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:cisco:unified_communications_manager

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
42014-01-08CVE-2014-0657NetworkLowRequires ...
42013-12-21CVE-2013-6978NetworkLowRequires ...
6.92013-11-17CVE-2013-6689LocalMediumNone Requ...
6.32013-11-17CVE-2013-6688NetworkMediumRequires ...
7.82013-08-22CVE-2013-3453NetworkLowNone Requ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
6.82012-02-29CVE-2011-4487NetworkMediumNone Requ...
7.82012-02-29CVE-2011-4486NetworkLowNone Requ...
7.82011-11-01CVE-2011-0941NetworkLowNone Requ...
7.82011-10-27CVE-2011-3315NetworkLowNone Requ...
7.82011-10-03CVE-2011-2072NetworkLowNone Requ...
7.82011-08-29CVE-2011-2562NetworkLowNone Requ...
102011-08-29CVE-2011-1643NetworkLowNone Requ...
6.42011-05-03CVE-2011-1610NetworkLowNone Requ...
8.52011-05-03CVE-2011-1609NetworkMediumRequires ...
6.52011-05-03CVE-2011-1607NetworkLowRequires ...
7.82011-05-03CVE-2011-1606NetworkLowNone Requ...
7.82011-05-03CVE-2011-1605NetworkLowNone Requ...
7.12011-05-03CVE-2011-1604NetworkMediumNone Requ...
6.82010-11-09CVE-2010-3039LocalLowRequires ...
7.82010-09-23CVE-2010-2835NetworkLowNone Requ...
7.82010-09-23CVE-2010-2834NetworkLowNone Requ...
7.82010-03-05CVE-2010-0592NetworkLowNone Requ...
7.82010-03-05CVE-2010-0591NetworkLowNone Requ...
7.82010-03-05CVE-2010-0588NetworkLowNone Requ...

CWE : Common Weakness Enumeration

%idName
24% (6)CWE-399Resource Management Errors
24% (6)CWE-20Improper Input Validation
16% (4)CWE-89Improper Sanitization of Special Elements used in an SQL Command ('...
12% (3)CWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path ...
8% (2)CWE-200Information Exposure
Hide | Show 4 More...
%idName
4% (1)CWE-287Improper Authentication
4% (1)CWE-264Permissions, Privileges, and Access Controls
4% (1)CWE-255Credentials Management
4% (1)CWE-78Improper Sanitization of Special Elements used in an OS Command ('O...

CAPEC : Common Attack Pattern Enumeration & Classification

idName
CAPEC-2Inducing Account Lockout
CAPEC-82Violating Implicit Assumptions Regarding XML Content (aka XML Denial of Servi...
CAPEC-99XML Parser Attack
CAPEC-119Resource Depletion
CAPEC-121Locate and Exploit Test APIs
Hide | Show 7 More...
idName
CAPEC-125Resource Depletion through Flooding
CAPEC-130Resource Depletion through Allocation
CAPEC-147XML Ping of Death
CAPEC-197XEE (XML Entity Expansion)
CAPEC-227Denial of Service through Resource Depletion
CAPEC-228Resource Depletion through DTD Injection in a SOAP Message
CAPEC-229XML Attribute Blowup

Oval Markup Language : Definitions

OvalIDName
oval:org.mitre.oval:def:5851Cisco IOS Session Initiation Protocol (SIP) Packet Arbitrary Code Execution V...

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
76862Cisco Unified Communications Manager (CUCM) SIP Message Parsing Remote DoS
76572Cisco Multiple Products Unspecified URI Traversal Aribtrary File Access
75918Cisco IOS Session Control Buffers (SCB) SIP Packet Parsing Voice Service Remo...
74779Cisco Multiple Products Open Query Interface Remote Information Disclosure
74775Cisco Unified Communications Manager SIP INVITE Message Parsing Remote DoS
Hide | Show 20 More...
idDescription
72615Cisco Unified Communications Manager xmldirectorylist.jsp Multiple Parameter ...
72614Cisco Unified Communications Manager Unspecified SQL Injection
72613Cisco Unified Communications Manager Upload Request Traversal Arbitrary File ...
72612Cisco Unified Communications Manager Malformed SIP Message Unspecified Remote...
72611Cisco Unified Communications Manager Malformed SIP Message Unspecified Remote...
72610Cisco Unified Communications Manager Malformed SIP Message Memory Exhaustion ...
69158Cisco Unified Communications Manager /usr/local/cm/bin/pktCap_protectData Pri...
68206Cisco Unified Communications Manager (CUCM) SIP REFER Request Invalid Refer-T...
68205Cisco IOS SIP REFER Request Invalid Refer-To Header Remote DoS
68204Cisco Unified Communications Manager (CUCM) Crafted UDP SIP Registration Traf...
68203Cisco IOS Crafted UDP SIP Registration Traffic Remote DoS
62761Cisco Unified Communications Manager CTI Manager Message Handling Remote DoS
62760Cisco Unified Communications Manager Malformed SIP Message Handling Remote Do...
62758Cisco Unified Communications Manager Malformed SCCP Message Handling Remote D...
62757Cisco Unified Communications Manager Malformed SCCP Message Handling Remote D...
57456Cisco Unified Communications Manager SIP Packet Processing Unspecified Remote...
57455Cisco Unified Communications Manager SCCP Packet Handling Unspecified Remote DoS
57454Cisco Unified Communications Manager Embedded Firewall Network Connection Sat...
57453Cisco Unified Communications Manager SIP Trunk Malformed Packet Handling Remo...
57452Cisco Unified Communications Manager Unspecified SIP Packet Handling Remote DoS

OpenVAS Exploits

idDescription
2012-01-26Name : Multiple Cisco Products 'file' Parameter () Directory Traversal Vulnerability
File : nvt/gb_cisco_multiple_products_50372.nasl
2009-03-13Name : Ubuntu USN-731-1 (apache2)
File : nvt/ubuntu_731_1.nasl
2009-03-13Name : Ubuntu USN-732-1 (dash)
File : nvt/ubuntu_732_1.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2013-B-0094Cisco Unified Communications Manager IM and Presence Service Remote Denial of...
Severity : Category I - VMSKEY : V0040164

Snort® IPS/IDS

DateDescription
2014-01-10Cisco Unified Communications Manager sql injection attempt
RuleID : 21377 - Type : SERVER-WEBAPP - Revision : 6

Nessus® Vulnerability Scanner

idDescription
2013-09-03Name : The remote host is missing a vendor-supplied security patch.
File : cisco-sa-20130821-cups.nasl - Type : ACT_GATHER_INFO
2011-09-29Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20110928-siphttp.nasl - Type : ACT_GATHER_INFO
2010-09-22Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20100922-siphttp.nasl - Type : ACT_GATHER_INFO
2010-09-01Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20070808-IOS-voice.nasl - Type : ACT_GATHER_INFO