Next Page >>
Cisco Unity
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Cisco Unified Communications Manager IP
Phone Personal Address Book Synchronizer Privilege Escalation
Vulnerability
Advisory ID: cisco-sa-20090311-cucmpab
Revision 1.0
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Cisco Unified Communications Manager Denial
of Service Vulnerabilities
Advisory ID: cisco-sa-20080514-cucmdos
Revision 1.0
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Cisco Unified Communications Manager Denial
of Service Vulnerabilities
Advisory ID: cisco-sa-20080514-cucmdos
Revision 1.0
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Cisco Unified Communications Manager Denial
of Service Vulnerabilities
Advisory ID: cisco-sa-20100303-cucm
Revision 1.0
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Cisco Unified Communications Manager Session
Initiation Protocol Denial of Service Vulnerabilities
Advisory ID: cisco-sa-20080924-cucm
http://www.cisco.com/warp/public/707/cisco-sa-20080924-cucm.shtml
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified
Communications Manager
Document ID: 112878
Advisory ID: cisco-sa-20110427-cucm
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Cisco Security Advisory: Cisco Unified Communications Manager Denial
of Service Vulnerabilities
Advisory ID: cisco-sa-20110824-cucm
Revision 1.0
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Cisco Unified Communications Manager Denial
of Service Vulnerabilities
Advisory ID: cisco-sa-20090826-cucm
Revision 1.0
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Cisco Security Advisory: Open Query Interface in Cisco Unified
Communications Manager and Cisco Unified Presence Server
Advisory ID: cisco-sa-20110824-cucm-cups
Revision 1.0
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Cisco Unified Communications Manager Denial
of Service Vulnerabilities
Advisory ID: cisco-sa-20100825-cucm
Revision 1.0
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Cisco Unified Communications Manager Session
Initiation Protocol Denial of Service Vulnerability
Advisory ID: cisco-sa-20090923-cm
Revision 1.0
=======
Cisco Unity Connection is a feature-rich voice messaging platform
that runs on the same Linux-based Cisco Unified Communications
Operating System that is used by Cisco Unified Communications
Manager. Cisco Unity Connection scales to support enterprise
organizations with up to 100,000 users.
Cisco Unity Connection Privilege Escalation Vulnerability
+--------------------------------------------------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Cisco Security Advisory: Cisco Unified Communications Manager Session
Initiation Protocol Memory Leak Vulnerability
Advisory ID: cisco-sa-20110928-cucm
Revision 1.0
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Unified Communications Manager Session Initiation Protocol
Denial of Service Vulnerabilities
Advisory ID: cisco-sa-20100922-cucmsip
http://www.cisco.com/warp/public/707/cisco-sa-20100922-cucmsip.shtml
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Cisco Unified Communications Manager Directory Traversal Vulnerability
Advisory ID: cisco-sa-20111026-cucm
Revision 1.0
For Public Release 2011 October 26 16:00 UTC (GMT)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Authentication Bypass in Cisco Unity
Advisory ID: cisco-sa-20081008-unity
http://www.cisco.com/warp/public/707/cisco-sa-20081008-unity.shtml
Revision 1.0
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Cisco Unified Communications Manager CAPF
Denial of Service Vulnerability
Advisory ID: cisco-sa-20090121-cucmcapf
Revision 1.0
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Cisco Unified Communications Manager Skinny Client Control Protocol Vulnerabilities
Advisory ID: cisco-sa-20120229-cucm
Revision 1.0
For Public Release 2012 February 29 16:00 UTC (GMT)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Cisco Unified Communications Manager Denial
of Service and Authentication Bypass
Vulnerabilities
Advisory ID: cisco-sa-20080625-cucm
Revision 1.0
Note: The September 28, 2011, Cisco IOS Software Security Advisory
bundled publication includes ten Cisco Security Advisories. Nine of the
advisories address vulnerabilities in Cisco IOS Software, and one
advisory addresses a vulnerability in Cisco Unified Communications
Manager. Each advisory lists the Cisco IOS Software releases that
correct the vulnerability or vulnerabilities detailed in the advisory as
well as the Cisco IOS Software releases that correct all vulnerabilities
in the September 2011 Bundled Publication.
Individual publication links are in "Cisco Event Response: Semiannual
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Cisco Unified Communications Manager CTL
Provider Heap Overflow
Document ID: 100345
Advisory ID: cisco-sa-20080116-cucmctl
4.2.x or later (prior versions are affected)
* Cisco Prime Central
* Cisco Prime Optical
* Cisco Prime Performance Manager
* Cisco TelePresence Server
* Cisco Unified Communications Manager (formerly Cisco CallManager)
* Cisco Unity
* Cisco Unity Connection
* Cisco Wireless LAN Controllers (WLC)
This section will be updated when more information is available.
Vulnerable Products
+------------------
The following Cisco products are known to be vulnerable:
* Cisco Unified Communications Manager (CUCM) 5.x and 6.x
* Cisco Unified Communications Manager Business Edition
* Cisco Unified Precense 1.x and 6.x
* Cisco Emergency Responder 2.x
* Cisco Mobility Manager 2.x
There are no workarounds that mitigate this vulnerability.
This advisory is posted at:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-uccx
Cisco Unified Communications Manager is also affected by this
vulnerability and a separate advisory has been published at:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-cucm
Note: Effective October 18, 2011, Cisco moved the current list of Cisco
Security Advisories and Responses published by Cisco PSIRT. The new
http://www.cisco.com/warp/public/707/cisco-sa-20080924-sip.shtml
Note: The September 24, 2008 IOS Advisory bundled publication
includes twelve Security Advisories. Eleven of the advisories address
vulnerabilities in Cisco's IOS software, and one advisory addresses
vulnerabilities in Cisco Unified Communications Manager. Each
Advisory lists the releases that correct the vulnerability described
in the Advisory. Please reference the following software table to
find a release that fixes all published IOS software Advisories as of
September 24th, 2008:
Note: The September 22, 2010, Cisco IOS Software Security Advisory
bundled publication includes six Cisco Security Advisories. Five of
the advisories address vulnerabilities in Cisco IOS Software, and one
advisory addresses vulnerabilities in Cisco Unified Communications
Manager. Each advisory lists the releases that correct the
vulnerability or vulnerabilities detailed in the advisory. The table
at the following URL lists releases that correct all Cisco IOS
Software vulnerabilities that have been published on September 22,
2010, or earlier:
the Cisco Security Manager are examples of a standalone implementation.
Standalone agents are installed in the following Cisco IP Communications
products:
* Cisco Unified Communications Manager (CallManager)
* Cisco Conference Connection (CCC)
* Emergency Responder
* IPCC Express
* IPCC Enterprise
* IPCC Hosted
Only Cisco Security Agent release 5.2 for Windows and Linux, either
managed or standalone, are affected by the DoS vulnerability.
Standalone agents are installed in the following products:
* Cisco Unified Communications Manager (CallManager)
* Cisco Conference Connection (CCC)
* Emergency Responder
* IPCC Express
* IPCC Enterprise
* IPCC Hosted
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Cisco Unified Communications Manager Express
Vulnerability
Advisory ID: cisco-sa-20090923-cme
Revision 1.0
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: SQL injection in Cisco Unified
Communications Manager
Document ID: 100358
Advisory ID: cisco-sa-20080213-cucmsql
Next Page>>
|
