Cisco Unified Callmanager — known CVE vulnerabilities
Every CVE whose affected-product data names Cisco Unified Callmanager, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (18)
CVE-2008-0027 — CVSS 10.0 (critical): Heap-based buffer overflow in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager…
CVE-2006-5278 — CVSS 10.0 (critical): Integer overflow in the Real-Time Information Server (RIS) Data Collector service (RisDC.exe) in Cisco Unified Communications Manager…
CVE-2007-5538 — CVSS 10.0 (critical): Buffer overflow in the Centralized TFTP File Locator Service in Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1…
CVE-2006-5277 — CVSS 9.3 (critical): Off-by-one error in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM…
CVE-2006-5553 — CVSS 7.8 (high): Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 5.0 before 5.0.0.193, as used by Unified CallManager (CUCM) and Unified…
CVE-2007-1826 — CVSS 7.8 (high): Unspecified vulnerability in the IPSec Manager Service for Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified…
CVE-2008-1744 — CVSS 7.8 (high): The Certificate Authority Proxy Function (CAPF) service in Cisco Unified Communications Manager (CUCM) 4.1 before 4.1(3)SR7, 4.2 before…
CVE-2007-1834 — CVSS 7.8 (high): Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 before 1.0(3) allow remote attackers to…
CVE-2009-2864 — CVSS 7.8 (high): Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 5.x before 5.1(3g), 6.x before 6.1(4), 7.0.x before 7.0(2a)su1, and…
CVE-2006-3594 — CVSS 7.5 (high): Buffer overflow in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows remote attackers to execute arbitrary code via a long…
CVE-2008-3801 — CVSS 7.1 (high): Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications…
CVE-2008-3800 — CVSS 7.1 (high): Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications…
CVE-2008-0026 — CVSS 6.5 (medium): SQL injection vulnerability in Cisco Unified CallManager/Communications Manager (CUCM) 5.0/5.1 before 5.1(3a) and 6.0/6.1 before 6.1(1a)…
CVE-2007-1833 — CVSS 5.0 (medium): The Skinny Call Control Protocol (SCCP) implementation in Cisco Unified CallManager (CUCM) 3.3 before 3.3(5)SR2a, 4.1 before 4.1(3)SR4, 4.2…
CVE-2006-3592 — CVSS 4.6 (medium): Unspecified vulnerability in the command line interface (CLI) in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows local users…
CVE-2006-3593 — CVSS 4.0 (medium): The command line interface (CLI) in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows local users to overwrite arbitrary files…
CVE-2015-0680 — CVSS 4.0 (medium): Cisco Unified Call Manager (CM) 9.1(2.1000.28) does not properly restrict resource requests, which allows remote authenticated users to…