Cisco Unified Communications Manager IM & Presence Service 11.5(1)SU9

CPE Details

Cisco Unified Communications Manager IM & Presence Service 11.5(1)SU9
11.5\(1\)su9
2021-02-08
13h40 +00:00
2021-02-08
13h40 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:cisco:unified_communications_manager_im_\&_presence_service:11.5\(1\)su9:*:*:*:*:*:*:*

Informations

Vendor

cisco

Product

unified_communications_manager_im_\&_presence_service

Version

11.5\(1\)su9

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2021-1409 2021-04-08 04h06 +00:00 Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), and Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against an interface user. These vulnerabilities exist because the web-based management interface does not properly validate user-supplied input. An attacker could exploit these vulnerabilities by persuading an interface user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information.
6.1
Medium
CVE-2021-1380 2021-04-08 04h05 +00:00 Multiple vulnerabilities in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), and Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against an interface user. These vulnerabilities exist because the web-based management interface does not properly validate user-supplied input. An attacker could exploit these vulnerabilities by persuading an interface user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information.
6.1
Medium