CVEDB API

Vulnerabilities

Vulnerable Software

Cisco: >> Unified Communications Manager >> 10.5 Security Vulnerabilities

CVE-2013-3451

Multiple cross-site request forgery (CSRF) vulnerabilities in Cisco Unified Communications Manager (Unified CM) allow remote attackers to hijack the authentication of arbitrary users for requests that perform arbitrary Unified CM operations, aka Bug ID CSCui13033.

CVSS Score

6.8

EPSS Score

0.001

Published

2013-08-05

CVE-2013-3397

Cross-site request forgery (CSRF) vulnerability in the Unified Serviceability component in Cisco Unified Communications Manager (CUCM) allows remote attackers to hijack the authentication of arbitrary users for requests that perform Unified Serviceability actions, aka Bug ID CSCuh10298.

CVSS Score

6.8

EPSS Score

0.001

Published

2013-06-26

CVE-2013-1188

Cisco Unified Communications Manager (CUCM) does not properly limit the rate of authentication attempts, which allows remote attackers to cause a denial of service (application slowdown) via a series of requests, aka Bug ID CSCud39515.

CVSS Score

5.0

EPSS Score

0.007

Published

2013-05-16

CVE-2013-1240

The command-line interface in Cisco Unified Communications Manager (CUCM) does not properly validate input, which allows local users to read arbitrary files via unspecified vectors, aka Bug ID CSCue25770.

CVSS Score

4.6

EPSS Score

0.001

Published

2013-05-04

Page 5

Vulnerabilities

Vulnerable Software

Cisco: >> Unified Communications Manager >> 10.5 Security Vulnerabilities

Products

Pricing

Contact Us