This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Name cpe:/a:cisco:unified_communications_manager:6.0:
Detail
Vendor Cisco First view 2007-08-09
Product Unified Communications Manager Last view 2014-01-08
Version 6.0 Type Application
Edition  
Language  
Update  
 
CPE Product cpe:/a:cisco:unified_communications_manager

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
4 2014-01-08 CVE-2014-0657 Network Low Requires ...
4 2013-12-21 CVE-2013-6978 Network Low Requires ...
6.9 2013-11-17 CVE-2013-6689 Local Medium None Requ...
6.3 2013-11-17 CVE-2013-6688 Network Medium Requires ...
7.8 2013-08-22 CVE-2013-3453 Network Low None Requ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
6.8 2012-02-29 CVE-2011-4487 Network Medium None Requ...
7.8 2012-02-29 CVE-2011-4486 Network Low None Requ...
7.8 2011-11-01 CVE-2011-0941 Network Low None Requ...
7.8 2011-10-27 CVE-2011-3315 Network Low None Requ...
7.8 2011-10-03 CVE-2011-2072 Network Low None Requ...
7.8 2011-08-29 CVE-2011-2562 Network Low None Requ...
10 2011-08-29 CVE-2011-1643 Network Low None Requ...
6.4 2011-05-03 CVE-2011-1610 Network Low None Requ...
8.5 2011-05-03 CVE-2011-1609 Network Medium Requires ...
6.5 2011-05-03 CVE-2011-1607 Network Low Requires ...
7.8 2011-05-03 CVE-2011-1606 Network Low None Requ...
7.8 2011-05-03 CVE-2011-1605 Network Low None Requ...
7.1 2011-05-03 CVE-2011-1604 Network Medium None Requ...
6.8 2010-11-09 CVE-2010-3039 Local Low Requires ...
7.8 2010-09-23 CVE-2010-2835 Network Low None Requ...
7.8 2010-09-23 CVE-2010-2834 Network Low None Requ...
7.8 2010-03-05 CVE-2010-0592 Network Low None Requ...
7.8 2010-03-05 CVE-2010-0591 Network Low None Requ...
7.8 2010-03-05 CVE-2010-0588 Network Low None Requ...

CWE : Common Weakness Enumeration

%idName
24% (6)CWE-399Resource Management Errors
24% (6)CWE-20Improper Input Validation
16% (4)CWE-89Improper Sanitization of Special Elements used in an SQL Command ('...
12% (3)CWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path ...
8% (2)CWE-200Information Exposure
Hide | Show 4 More...
%idName
4% (1)CWE-287Improper Authentication
4% (1)CWE-264Permissions, Privileges, and Access Controls
4% (1)CWE-255Credentials Management
4% (1)CWE-78Improper Sanitization of Special Elements used in an OS Command ('O...

CAPEC : Common Attack Pattern Enumeration & Classification

idName
CAPEC-2Inducing Account Lockout
CAPEC-82Violating Implicit Assumptions Regarding XML Content (aka XML Denial of Servi...
CAPEC-99XML Parser Attack
CAPEC-119Resource Depletion
CAPEC-121Locate and Exploit Test APIs
Hide | Show 7 More...
idName
CAPEC-125Resource Depletion through Flooding
CAPEC-130Resource Depletion through Allocation
CAPEC-147XML Ping of Death
CAPEC-197XEE (XML Entity Expansion)
CAPEC-227Denial of Service through Resource Depletion
CAPEC-228Resource Depletion through DTD Injection in a SOAP Message
CAPEC-229XML Attribute Blowup

Oval Markup Language : Definitions

OvalIDName
oval:org.mitre.oval:def:5851Cisco IOS Session Initiation Protocol (SIP) Packet Arbitrary Code Execution V...

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
76862Cisco Unified Communications Manager (CUCM) SIP Message Parsing Remote DoS
76572Cisco Multiple Products Unspecified URI Traversal Aribtrary File Access
75918Cisco IOS Session Control Buffers (SCB) SIP Packet Parsing Voice Service Remo...
74779Cisco Multiple Products Open Query Interface Remote Information Disclosure
74775Cisco Unified Communications Manager SIP INVITE Message Parsing Remote DoS
Hide | Show 20 More...
idDescription
72615Cisco Unified Communications Manager xmldirectorylist.jsp Multiple Parameter ...
72614Cisco Unified Communications Manager Unspecified SQL Injection
72613Cisco Unified Communications Manager Upload Request Traversal Arbitrary File ...
72612Cisco Unified Communications Manager Malformed SIP Message Unspecified Remote...
72611Cisco Unified Communications Manager Malformed SIP Message Unspecified Remote...
72610Cisco Unified Communications Manager Malformed SIP Message Memory Exhaustion ...
69158Cisco Unified Communications Manager /usr/local/cm/bin/pktCap_protectData Pri...
68206Cisco Unified Communications Manager (CUCM) SIP REFER Request Invalid Refer-T...
68205Cisco IOS SIP REFER Request Invalid Refer-To Header Remote DoS
68204Cisco Unified Communications Manager (CUCM) Crafted UDP SIP Registration Traf...
68203Cisco IOS Crafted UDP SIP Registration Traffic Remote DoS
62761Cisco Unified Communications Manager CTI Manager Message Handling Remote DoS
62760Cisco Unified Communications Manager Malformed SIP Message Handling Remote Do...
62758Cisco Unified Communications Manager Malformed SCCP Message Handling Remote D...
62757Cisco Unified Communications Manager Malformed SCCP Message Handling Remote D...
57456Cisco Unified Communications Manager SIP Packet Processing Unspecified Remote...
57455Cisco Unified Communications Manager SCCP Packet Handling Unspecified Remote DoS
57454Cisco Unified Communications Manager Embedded Firewall Network Connection Sat...
57453Cisco Unified Communications Manager SIP Trunk Malformed Packet Handling Remo...
57452Cisco Unified Communications Manager Unspecified SIP Packet Handling Remote DoS

OpenVAS Exploits

idDescription
2012-01-26Name : Multiple Cisco Products 'file' Parameter () Directory Traversal Vulnerability
File : nvt/gb_cisco_multiple_products_50372.nasl
2009-03-13Name : Ubuntu USN-731-1 (apache2)
File : nvt/ubuntu_731_1.nasl
2009-03-13Name : Ubuntu USN-732-1 (dash)
File : nvt/ubuntu_732_1.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2013-B-0094Cisco Unified Communications Manager IM and Presence Service Remote Denial of...
Severity : Category I - VMSKEY : V0040164

Snort® IPS/IDS

DateDescription
2014-01-10Cisco Unified Communications Manager sql injection attempt
RuleID : 21377 - Type : SERVER-WEBAPP - Revision : 6

Nessus® Vulnerability Scanner

idDescription
2013-09-03Name : The remote host is missing a vendor-supplied security patch.
File : cisco-sa-20130821-cups.nasl - Type : ACT_GATHER_INFO
2011-09-29Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20110928-siphttp.nasl - Type : ACT_GATHER_INFO
2010-09-22Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20100922-siphttp.nasl - Type : ACT_GATHER_INFO
2010-09-01Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20070808-IOS-voice.nasl - Type : ACT_GATHER_INFO