Vulnerabilities (CVE)

Filtered by vendor Cisco Subscribe
Filtered by product Unity
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-3814 1 Cisco 1 Unity 2024-02-04 5.8 MEDIUM N/A
Unspecified vulnerability in Cisco Unity 4.x before 4.2(1)ES161, 5.x before 5.0(1)ES53, and 7.x before 7.0(2)ES8, when using anonymous authentication (aka native Unity authentication), allows remote attackers to bypass authentication and read or modify system configuration parameters by going to a specific link more than once.
CVE-2008-4543 1 Cisco 1 Unity 2024-02-04 7.1 HIGH N/A
Cisco Unity 4.x before 4.2(1)ES161, 5.x before 5.0(1)ES53, and 7.x before 7.0(2)ES8, when using anonymous authentication (aka native Unity authentication), allows remote attackers to cause a denial of service (session exhaustion) via a large number of connections.
CVE-2008-4545 1 Cisco 1 Unity 2024-02-04 4.0 MEDIUM N/A
Cisco Unity 4.x before 4.2(1)ES161, 5.x before 5.0(1)ES53, and 7.x before 7.0(2)ES8 uses weak permissions for the D:\CommServer\Reports directory, which allows remote authenticated users to obtain sensitive information by reading files in this directory.
CVE-2008-4542 1 Cisco 1 Unity 2024-02-04 3.5 LOW N/A
Cross-site scripting (XSS) vulnerability in Cisco Unity 4.x before 4.2(1)ES162, 5.x before 5.0(1)ES56, and 7.x before 7.0(2)ES8 allows remote authenticated administrators to inject arbitrary web script or HTML by entering it in the database (aka data store).
CVE-2008-4544 1 Cisco 1 Unity 2024-02-04 5.0 MEDIUM N/A
Unspecified vulnerability in an unspecified Microsoft API, as used by Cisco Unity and possibly other products, allows remote attackers to cause a denial of service by sending crafted packets to dynamic UDP ports, related to a "processing error."