Cisco Unified Communications Domain Manager — known CVE vulnerabilities
Every CVE whose affected-product data names Cisco Unified Communications Domain Manager, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (41)
CVE-2014-2198 — CVSS 10.0 (critical): Cisco Unified Communications Domain Manager (CDM) in Unified CDM Platform Software before 4.4.2 has a hardcoded SSH private key, which…
CVE-2018-0124 — CVSS 9.8 (critical): A vulnerability in Cisco Unified Communications Domain Manager could allow an unauthenticated, remote attacker to bypass security…
CVE-2014-2197 — CVSS 9.0 (critical): The Administration GUI in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software before…
CVE-2018-0364 — CVSS 8.8 (high): A vulnerability in the web-based management interface of Cisco Unified Communications Domain Manager could allow an unauthenticated, remote…
CVE-2014-3300 — CVSS 7.5 (high): The BVSMWeb portal in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software before 10…
CVE-2014-3337 — CVSS 6.8 (medium): The SIP implementation in Cisco Unified Communications Manager (CM) 8.6(.2) and earlier allows remote authenticated users to cause a denial…
CVE-2013-3418 — CVSS 6.8 (medium): Cisco Unified Communications Domain Manager does not properly allocate memory for GET and POST requests, which allows remote authenticated…
CVE-2015-0682 — CVSS 6.5 (medium): Cisco Unified Communications Domain Manager 8.1(4) allows remote authenticated users to execute arbitrary code by visiting a "deprecated…
CVE-2015-0684 — CVSS 6.5 (medium): SQL injection vulnerability in the Image Management component in Cisco Unified Communications Domain Manager 8.1(4) allows remote…
CVE-2014-3339 — CVSS 6.5 (medium): Multiple SQL injection vulnerabilities in the administrative web interface in Cisco Unified Communications Manager (CM) and Cisco Unified…
CVE-2014-8010 — CVSS 6.5 (medium): The web framework in Cisco Unified Communications Domain Manager 8 allows remote authenticated administrators to execute arbitrary OS…
CVE-2017-6670 — CVSS 6.1 (medium): A vulnerability in the web-based GUI of Cisco Unified Communications Domain Manager could allow an unauthenticated, remote attacker to…
CVE-2018-0386 — CVSS 6.1 (medium): A vulnerability in Cisco Unified Communications Domain Manager Software could allow an unauthenticated, remote attacker to conduct a…
CVE-2014-3283 — CVSS 5.8 (medium): Open redirect vulnerability in Self-Care Client Portal applications in the web framework in VOSS in Cisco Unified Communications Domain…
CVE-2014-3320 — CVSS 5.8 (medium): Multiple open redirect vulnerabilities in the admin web interface in the web framework in Cisco Unified Communications Domain Manager (CDM)…
CVE-2013-5517 — CVSS 5.5 (medium): SQL injection vulnerability in the web framework in Cisco Unified Communications Domain Manager allows remote authenticated users to…
CVE-2019-15968 — CVSS 5.4 (medium): A vulnerability in the web-based management interface of Cisco Unified Communications Domain Manager (Unified CDM) could allow an…
CVE-2015-4229 — CVSS 5.0 (medium): The web framework in Cisco Unified Communications Domain Manager 8.1(4)ER1 allows remote attackers to obtain sensitive information by…
CVE-2013-1230 — CVSS 5.0 (medium): Cisco Unified Communications Domain Manager allows remote attackers to cause a denial of service (CPU consumption) via a flood of malformed…
CVE-2014-3278 — CVSS 5.0 (medium): The web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) does not properly implement access control, which allows…
CVE-2014-3279 — CVSS 5.0 (medium): The Administration GUI in the web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) 9.0(.1) and earlier does not…
CVE-2014-3281 — CVSS 5.0 (medium): The web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) does not properly implement access control, which allows…
CVE-2014-8020 — CVSS 5.0 (medium): Cisco Unified Communication Domain Manager Platform Software allows remote attackers to cause a denial of service (CPU consumption, and…
CVE-2015-0591 — CVSS 5.0 (medium): Cisco Unified Communications Domain Manager (UCDM) 10 allows remote attackers to cause a denial of service (daemon hang and GUI outage) via…
CVE-2015-0699 — CVSS 5.0 (medium): SQL injection vulnerability in the Interactive Voice Response (IVR) component in Cisco Unified Communications Manager (UCM)…
CVE-2015-4196 — CVSS 5.0 (medium): Platform Software before 4.4.5 in Cisco Unified Communications Domain Manager (CDM) 8.x has a hardcoded password for a privileged account…
CVE-2017-6668 — CVSS 4.9 (medium): Vulnerabilities in the web-based GUI of Cisco Unified Communications Domain Manager (CUCDM) could allow an authenticated, remote attacker…
CVE-2015-6352 — CVSS 4.3 (medium): Cisco Unified Communications Domain Manager before 10.6(1) provides different error messages for pathname access attempts depending on…
CVE-2014-8018 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in Business Voice Services Manager (BVSM) pages in the Application Software in Cisco…
CVE-2017-12302 — CVSS 4.3 (medium): A vulnerability in the Cisco Unified Communications Manager SQL database interface could allow an authenticated, remote attacker to impact…
CVE-2014-2104 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in the Business Voice Services Manager (BVSM) page in Cisco Unified Communications…
CVE-2013-1227 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the web framework in Cisco Unified Communications Domain Manager allows remote attackers to…
CVE-2014-3280 — CVSS 4.0 (medium): The web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) 9.0(.1) and earlier does not properly implement access…
CVE-2014-3277 — CVSS 4.0 (medium): The Administration GUI in the web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) 9.0(.1) and earlier does not…
CVE-2014-3282 — CVSS 4.0 (medium): The Administration GUI in the web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) 9.0(.1) and earlier does not…
CVE-2015-0683 — CVSS 4.0 (medium): Cisco Unified Communications Domain Manager 8.1(4) allows remote authenticated users to obtain sensitive information via a file-inclusion…
CVE-2015-6422 — CVSS 4.0 (medium): The self-service application in Cisco Unified Communications Domain Manager (CUCDM) 10.6(1) allows remote authenticated users to cause a…