Next Page >>
Communications Manager
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Cisco Unified Communications Manager IP
Phone Personal Address Book Synchronizer Privilege Escalation
Vulnerability
Advisory ID: cisco-sa-20090311-cucmpab
Revision 1.0
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Cisco Unified Communications Manager Denial
of Service Vulnerabilities
Advisory ID: cisco-sa-20080514-cucmdos
Revision 1.0
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Cisco Unified Communications Manager Denial
of Service Vulnerabilities
Advisory ID: cisco-sa-20080514-cucmdos
Revision 1.0
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Cisco Unified Communications Manager Session
Initiation Protocol Denial of Service Vulnerabilities
Advisory ID: cisco-sa-20080924-cucm
http://www.cisco.com/warp/public/707/cisco-sa-20080924-cucm.shtml
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Cisco Security Advisory: Cisco Unified Communications Manager Denial
of Service Vulnerabilities
Advisory ID: cisco-sa-20110824-cucm
Revision 1.0
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Cisco Unified Communications Manager Denial
of Service Vulnerabilities
Advisory ID: cisco-sa-20090826-cucm
Revision 1.0
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified
Communications Manager
Document ID: 112878
Advisory ID: cisco-sa-20110427-cucm
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Cisco Unified Communications Manager Denial
of Service Vulnerabilities
Advisory ID: cisco-sa-20100303-cucm
Revision 1.0
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Cisco Unified Communications Manager Session
Initiation Protocol Denial of Service Vulnerability
Advisory ID: cisco-sa-20090923-cm
Revision 1.0
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Cisco Unified Communications Manager Denial
of Service Vulnerabilities
Advisory ID: cisco-sa-20100825-cucm
Revision 1.0
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Cisco Security Advisory: Open Query Interface in Cisco Unified
Communications Manager and Cisco Unified Presence Server
Advisory ID: cisco-sa-20110824-cucm-cups
Revision 1.0
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Cisco Security Advisory: Cisco Unified Communications Manager Session
Initiation Protocol Memory Leak Vulnerability
Advisory ID: cisco-sa-20110928-cucm
Revision 1.0
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Cisco Unified Communications Manager Skinny Client Control Protocol Vulnerabilities
Advisory ID: cisco-sa-20120229-cucm
Revision 1.0
For Public Release 2012 February 29 16:00 UTC (GMT)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Unified Communications Manager Session Initiation Protocol
Denial of Service Vulnerabilities
Advisory ID: cisco-sa-20100922-cucmsip
http://www.cisco.com/warp/public/707/cisco-sa-20100922-cucmsip.shtml
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Cisco Unified Communications Manager CAPF
Denial of Service Vulnerability
Advisory ID: cisco-sa-20090121-cucmcapf
Revision 1.0
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Cisco Unified Communications Manager Directory Traversal Vulnerability
Advisory ID: cisco-sa-20111026-cucm
Revision 1.0
For Public Release 2011 October 26 16:00 UTC (GMT)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Cisco Unified Communications Manager Denial
of Service and Authentication Bypass
Vulnerabilities
Advisory ID: cisco-sa-20080625-cucm
Revision 1.0
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: XSS and SQL Injection in Cisco
CallManager/Unified Communications Manager Logon Page
Advisory ID: cisco-sa-20070829-ccm
http://www.cisco.com/warp/public/707/cisco-sa-20070829-ccm.shtml
Note: The September 28, 2011, Cisco IOS Software Security Advisory
bundled publication includes ten Cisco Security Advisories. Nine of the
advisories address vulnerabilities in Cisco IOS Software, and one
advisory addresses a vulnerability in Cisco Unified Communications
Manager. Each advisory lists the Cisco IOS Software releases that
correct the vulnerability or vulnerabilities detailed in the advisory as
well as the Cisco IOS Software releases that correct all vulnerabilities
in the September 2011 Bundled Publication.
Individual publication links are in "Cisco Event Response: Semiannual
Vulnerable Products
+------------------
The following Cisco products are known to be vulnerable:
* Cisco Unified Communications Manager (CUCM) 5.x and 6.x
* Cisco Unified Communications Manager Business Edition
* Cisco Unified Precense 1.x and 6.x
* Cisco Emergency Responder 2.x
* Cisco Mobility Manager 2.x
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: SQL injection in Cisco Unified
Communications Manager
Document ID: 100358
Advisory ID: cisco-sa-20080213-cucmsql
Note: The September 22, 2010, Cisco IOS Software Security Advisory
bundled publication includes six Cisco Security Advisories. Five of
the advisories address vulnerabilities in Cisco IOS Software, and one
advisory addresses vulnerabilities in Cisco Unified Communications
Manager. Each advisory lists the releases that correct the
vulnerability or vulnerabilities detailed in the advisory. The table
at the following URL lists releases that correct all Cisco IOS
Software vulnerabilities that have been published on September 22,
2010, or earlier:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Cisco Unified Communications Manager CTL
Provider Heap Overflow
Document ID: 100345
Advisory ID: cisco-sa-20080116-cucmctl
http://www.cisco.com/warp/public/707/cisco-sa-20080924-sip.shtml
Note: The September 24, 2008 IOS Advisory bundled publication
includes twelve Security Advisories. Eleven of the advisories address
vulnerabilities in Cisco's IOS software, and one advisory addresses
vulnerabilities in Cisco Unified Communications Manager. Each
Advisory lists the releases that correct the vulnerability described
in the Advisory. Please reference the following software table to
find a release that fixes all published IOS software Advisories as of
September 24th, 2008:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Cisco Unified Communications Manager Express
Vulnerability
Advisory ID: cisco-sa-20090923-cme
Revision 1.0
There are no workarounds that mitigate this vulnerability.
This advisory is posted at:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-uccx
Cisco Unified Communications Manager is also affected by this
vulnerability and a separate advisory has been published at:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-cucm
Note: Effective October 18, 2011, Cisco moved the current list of Cisco
Security Advisories and Responses published by Cisco PSIRT. The new
There are no available workarounds to mitigate these vulnerabilities.
This advisory is posted at:
http://www.cisco.com/warp/public/707/cisco-sa-20110824-ime.shtml
Note: Cisco Unified Communications Manager Software is also affected
by these vulnerabilities. A separate Cisco Security Advisory has been
published to disclose the vulnerabilities that affects the Cisco
Unified Communications Manager. That advisory is available at:
http://www.cisco.com/warp/public/707/cisco-sa-20110824-cucm.shtml
Note: The September 23, 2009, Cisco IOS Security Advisory bundled
publication includes eleven Security Advisories. Ten of the
advisories address vulnerabilities in Cisco IOS Software, and one
advisory addresses a vulnerability in Cisco Unified Communications
Manager. Each advisory lists the releases that correct the
vulnerability or vulnerabilities detailed in the advisory. The
following table lists releases that correct all Cisco IOS Software
vulnerabilities that have been published on September 23, 2009, or
earlier.
Note: The September 23, 2009, Cisco IOS Security Advisory bundled
publication includes eleven Security Advisories. Ten of the
advisories address vulnerabilities in Cisco IOS Software, and one
advisory addresses a vulnerability in Cisco Unified Communications
Manager. Each advisory lists the releases that correct the
vulnerability or vulnerabilities detailed in the advisory. The
following table lists releases that correct all Cisco IOS Software
vulnerabilities that have been published on September 23, 2009, or
earlier.
nSense Vulnerability Research Security Advisory NSENSE-2010-003
---------------------------------------------------------------
Affected Vendor: Cisco Systems, Inc
Affected Product: Cisco Unified Communications Manager
Platform: All
Impact: Privilege Escalation
Vendor response: Patch. IntelliShield ID 21656
CVE: CVE-2010-3039
Credit: Knud / nSense
Next Page>>
|
