Cisco Unified Meetingplace — known CVE vulnerabilities
Every CVE whose affected-product data names Cisco Unified Meetingplace, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (25)
CVE-2010-0140 — CVSS 10.0 (critical): Multiple unspecified vulnerabilities in the web server in Cisco Unified MeetingPlace 7 before 7.0(2.3) hotfix 5F, 6 before 6.0.639.3, and…
CVE-2015-0702 — CVSS 9.0 (critical): Unrestricted file upload vulnerability in the Custom Prompts upload implementation in Cisco Unified MeetingPlace 8.6(1.9) allows remote…
CVE-2010-0139 — CVSS 9.0 (critical): Cisco Unified MeetingPlace 7 before 7.0(2.3) hotfix 5F, 6 before 6.0.639.2, and possibly 5 does not properly validate SQL commands, which…
CVE-2010-0142 — CVSS 8.5 (high): MeetingTime in Cisco Unified MeetingPlace 6 before MR5, and possibly 5, allows remote authenticated users to gain privileges via a modified…
CVE-2012-5416 — CVSS 7.8 (high): Buffer overflow in Cisco Unified MeetingPlace Web Conferencing before 7.1MR1 Patch 1, 8.0 before 8.0MR1 Patch 1, and 8.5 before 8.5MR3…
CVE-2013-1168 — CVSS 7.6 (high): The web server in Cisco Unified MeetingPlace Application Server 7.x before 7.1MR1 Patch 2, 8.0 before 8.0MR1 Patch 1, and 8.5 before 8.5MR3…
CVE-2015-0704 — CVSS 6.8 (medium): Multiple cross-site request forgery (CSRF) vulnerabilities in API features in Cisco Unified MeetingPlace 8.6(1.9) allow remote attackers to…
CVE-2013-1128 — CVSS 6.8 (medium): Multiple cross-site request forgery (CSRF) vulnerabilities in the server in Cisco Unified MeetingPlace before 7.1(2.2000) allow remote…
CVE-2013-5494 — CVSS 6.8 (medium): Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Unified MeetingPlace Solution, as used in Unified…
CVE-2015-0705 — CVSS 6.8 (medium): Cross-site request forgery (CSRF) vulnerability in the SOAP API endpoints of the web-services directory in Cisco Unified MeetingPlace…
CVE-2012-0337 — CVSS 6.5 (medium): SQL injection vulnerability in the web component in Cisco Unified MeetingPlace 7.1 allows remote authenticated users to execute arbitrary…
CVE-2010-0141 — CVSS 6.4 (medium): MeetingTime in Cisco Unified MeetingPlace 6 before MR5, and possibly 5, allows remote attackers to discover usernames, passwords, and…
CVE-2015-0764 — CVSS 5.0 (medium): Cisco Unified MeetingPlace 8.6(1.9) allows remote attackers to read arbitrary files via a crafted resource request, aka Bug ID CSCus95603.
CVE-2015-0763 — CVSS 5.0 (medium): Cisco Unified MeetingPlace 8.6(1.2) does not properly validate session IDs in http URLs, which allows remote attackers to obtain sensitive…
CVE-2011-4232 — CVSS 5.0 (medium): The web server in Cisco Unified MeetingPlace 6.1 and 8.5 produces different responses for directory queries depending on whether the…
CVE-2015-0762 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the management interface in Cisco Unified MeetingPlace 8.6(1.2) and 8.6(1.9) for Microsoft…
CVE-2013-1123 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in the server in Cisco Unified MeetingPlace 7.0 allow remote attackers to inject…
CVE-2013-5495 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the web framework in the Application Server in Cisco Unified MeetingPlace allows remote…
CVE-2015-0703 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the administrative web interface in Cisco Unified MeetingPlace 8.6(1.9) allows remote attackers…
CVE-2007-5581 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in mpweb/scripts/mpx.dll in Cisco Unified MeetingPlace 5.4 and earlier and 6.0 allow…
CVE-2015-0758 — CVSS 4.0 (medium): The web-based user interface in Cisco Unified MeetingPlace 8.6(1.9) allows remote attackers to read arbitrary files via an XML document…
CVE-2015-4214 — CVSS 4.0 (medium): Cisco Unified MeetingPlace 8.6(1.2) and 8.6(1.9) allows remote authenticated users to discover cleartext passwords by reading HTML source…
CVE-2009-0743 — CVSS 3.5 (low): Cross-site scripting (XSS) vulnerability in the edit account page in the Web Server in Cisco Unified MeetingPlace Web Conferencing 6.0…
CVE-2007-1467 — CVSS 3.5 (low): Multiple cross-site scripting (XSS) vulnerabilities in (1) PreSearch.html and (2) PreSearch.class in Cisco Secure Access Control Server…