Total
5 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-4545 | 1 Cisco | 1 Unity | 2024-11-21 | 4.0 MEDIUM | N/A |
Cisco Unity 4.x before 4.2(1)ES161, 5.x before 5.0(1)ES53, and 7.x before 7.0(2)ES8 uses weak permissions for the D:\CommServer\Reports directory, which allows remote authenticated users to obtain sensitive information by reading files in this directory. | |||||
CVE-2008-4544 | 1 Cisco | 1 Unity | 2024-11-21 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in an unspecified Microsoft API, as used by Cisco Unity and possibly other products, allows remote attackers to cause a denial of service by sending crafted packets to dynamic UDP ports, related to a "processing error." | |||||
CVE-2008-4543 | 1 Cisco | 1 Unity | 2024-11-21 | 7.1 HIGH | N/A |
Cisco Unity 4.x before 4.2(1)ES161, 5.x before 5.0(1)ES53, and 7.x before 7.0(2)ES8, when using anonymous authentication (aka native Unity authentication), allows remote attackers to cause a denial of service (session exhaustion) via a large number of connections. | |||||
CVE-2008-4542 | 1 Cisco | 1 Unity | 2024-11-21 | 3.5 LOW | N/A |
Cross-site scripting (XSS) vulnerability in Cisco Unity 4.x before 4.2(1)ES162, 5.x before 5.0(1)ES56, and 7.x before 7.0(2)ES8 allows remote authenticated administrators to inject arbitrary web script or HTML by entering it in the database (aka data store). | |||||
CVE-2008-3814 | 1 Cisco | 1 Unity | 2024-11-21 | 5.8 MEDIUM | N/A |
Unspecified vulnerability in Cisco Unity 4.x before 4.2(1)ES161, 5.x before 5.0(1)ES53, and 7.x before 7.0(2)ES8, when using anonymous authentication (aka native Unity authentication), allows remote attackers to bypass authentication and read or modify system configuration parameters by going to a specific link more than once. |