CPE-14D174B2-7B96-4361-9095-ADA2BD468DB9 Détail

CPE Details

Cisco Unity Connection Software 14su2

Vendor

cisco

Product

unity_connection

Version

14su2

Created

2023-12-09
03h57 +00:00

Modifié

2023-12-09
03h57 +00:00

Liens officiels

CPE NVD

Alerte pour un CPE

Restez informé de toutes modifications pour un CPE spécifique.

Gestion des notifications

Liste des Notifications

Alerte pour un CPE

Restez informé de toutes modifications pour un CPE spécifique.

Paramètres

Vous pouvez spécifier un titre qui sera récupéré dans les alertes qui seront envoyées.

CPE ID

Planifications

Mois

Prochaine exécution calculée

Jour

Jour de la semaine

Heure

Minute

Date de création

Dernière exécution

Prochaine exécution

Fonctionnalité nécessitant une connexion

Cette fonctionnalité qui vous permet de recevoir des alertes, n'est active que lorsque vous êtes connecté à votre compte.

CPE Name: cpe:2.3:a:cisco:unity_connection:14su2:::::::*

Informations

Vendor

cisco

Product

unity_connection

Version

14su2

Related CVE

Open and find in CVE List

CVE ID	Publié	Description	Score	Gravité
CVE-2024-20253	2024-01-26 17h28 +00:00	A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to the improper processing of user-provided data that is being read into memory. An attacker could exploit this vulnerability by sending a crafted message to a listening port of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of the web services user. With access to the underlying operating system, the attacker could also establish root access on the affected device.	10	Critique
CVE-2024-20305	2024-01-26 17h26 +00:00	A vulnerability in the web-based management interface of Cisco Unity Connection could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.	4.8	Moyen
CVE-2023-20266	2023-08-30 16h18 +00:00	A vulnerability in Cisco Emergency Responder, Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), and Cisco Unity Connection could allow an authenticated, remote attacker to elevate privileges to root on an affected device. This vulnerability exists because the application does not properly restrict the files that are being used for upgrades. An attacker could exploit this vulnerability by providing a crafted upgrade file. A successful exploit could allow the attacker to elevate privileges to root. To exploit this vulnerability, the attacker must have valid platform administrator credentials on an affected device.	7.2	Haute

Cisco Unity Connection Software 14su2

CPE Details

CPE Name: cpe:2.3:a:cisco:unity_connection:14su2:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:cisco:unity_connection:14su2:::::::*