📦 Unified Communications Manager

This critical vulnerability allows unauthenticated remote attackers to log into Cisco Unified Communications Manager systems using static root credentials that cannot be changed. Attackers gain full r...

This critical vulnerability in Cisco Unified Communications and Contact Center Solutions allows unauthenticated remote attackers to execute arbitrary code on affected devices by sending crafted messag...

CVE-2021-44228 (Log4Shell) is a critical remote code execution vulnerability in Apache Log4j2 that allows attackers to execute arbitrary code by exploiting JNDI lookups in log messages. This affects a...

This critical vulnerability allows unauthenticated remote attackers to execute arbitrary commands on affected Cisco Unified Communications systems by sending crafted HTTP requests to the web managemen...

An unauthenticated remote attacker can send a specially crafted SIP message to Cisco Unified Communications Manager systems, causing them to reload and creating a denial of service condition. This vul...

An unauthenticated remote attacker can send crafted HTTP requests to a specific API endpoint in Cisco Unified Communications products, causing high CPU utilization that leads to denial of service. Thi...

This vulnerability allows authenticated remote attackers to perform SQL injection attacks on Cisco Unified Communications Manager (Unified CM) and its Session Management Edition (SME) via the web-base...

This vulnerability allows authenticated remote attackers to execute arbitrary code with root privileges on Cisco Unified Communications products via a crafted SOAP API request. It affects Cisco Unifie...

This CSRF vulnerability in Cisco Unified Communications Manager allows unauthenticated remote attackers to trick authenticated users into performing unauthorized actions via malicious links. Affected ...

This vulnerability allows authenticated local attackers with administrative credentials to execute arbitrary commands as root on affected Cisco Unified Communications products. The issue stems from im...

This cross-site scripting (XSS) vulnerability in Cisco Unified Communications Manager allows authenticated attackers to inject malicious scripts into the web management interface. When exploited, it e...

An unauthenticated cross-site scripting (XSS) vulnerability in Cisco Unified Communications Manager web interface allows attackers to execute malicious scripts in users' browsers by tricking them into...

An unauthenticated cross-site scripting (XSS) vulnerability in Cisco Unified Communications Manager web interface allows attackers to execute malicious scripts in users' browsers by tricking them into...