threat
engine
.sh
Back
·
··:··
Home
/
Product
/
cisco emergency responder
Product
cisco emergency responder
27 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2024-20352
< 12.5(1)su8b
A vulnerability in Cisco Emergency Responder could allow an authenticated, remote attacker to conduct a directory traversal attack
4.9
MEDIUM
CVE-2024-20347
< 12.5(1)su8b
A vulnerability in Cisco Emergency Responder could allow an unauthenticated, remote attacker to conduct a CSRF attack, which could
4.3
MEDIUM
CVE-2023-20259
all versions
A vulnerability in an API endpoint of multiple Cisco Unified Communications Products could allow an unauthenticated, remote attack
8.6
HIGH
CVE-2023-20101
all versions
A vulnerability in Cisco Emergency Responder could allow an unauthenticated, remote attacker to log in to an affected device using
9.8
CRITICAL
CVE-2023-20266
all versions
A vulnerability in Cisco Emergency Responder, Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Mana
6.5
MEDIUM
CVE-2021-44228
< 11.5\(4\)
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration
10.0
CRITICAL
CVE-2021-1226
>= 12.5\(1\) and < 12.5\(1\)su3
A vulnerability in the audit logging component of Cisco Unified Communications Manager, Cisco Unified Communications Manager Sessi
4.3
MEDIUM
CVE-2019-16025
<= 12.5_su1
A vulnerability in the web framework of Cisco Emergency Responder could allow an authenticated, remote attacker to conduct a cross
4.8
MEDIUM
CVE-2018-15403
all versions
A vulnerability in the web interface of Cisco Emergency Responder, Cisco Unified Communications Manager, Cisco Unified Communicati
5.4
MEDIUM
CVE-2017-6779
>= 10.5 and < 10.5\(1a\)
Multiple Cisco products are affected by a vulnerability in local file management for certain system log files of Cisco collaborati
7.5
HIGH
CVE-2017-12337
all versions
A vulnerability in the upgrade mechanism of Cisco collaboration products based on the Cisco Voice Operating System software platfo
9.8
CRITICAL
CVE-2017-12227
all versions
A vulnerability in the SQL database interface for Cisco Emergency Responder could allow an authenticated, remote attacker to condu
5.4
MEDIUM
CVE-2016-9208
all versions
A vulnerability in the File Management Utility, the Download File form, and the Serviceability application of Cisco Emergency Resp
6.5
MEDIUM
CVE-2016-6468
all versions
A vulnerability in the web-based management interface of Cisco Emergency Responder could allow an unauthenticated, remote attacker
8.8
HIGH
CVE-2015-6407
all versions
Cisco Emergency Responder 10.5(3.10000.9) allows remote attackers to upload files to arbitrary locations via a crafted parameter,
CVE-2015-6406
all versions
Directory traversal vulnerability in the Tools menu in Cisco Emergency Responder 10.5(1.10000.5) allows remote authenticated users
CVE-2015-6405
all versions
Cross-site request forgery (CSRF) vulnerability in Cisco Emergency Responder 10.5(1) and 10.5(1a) allows remote attackers to hijac
CVE-2015-6400
all versions
Multiple cross-site scripting (XSS) vulnerabilities in Cisco Emergency Responder 10.5(1a) allow remote attackers to inject arbitra
CVE-2014-2117
<= 8.6
Multiple open redirect vulnerabilities in Cisco Emergency Responder (ER) 8.6 and earlier allow remote attackers to redirect users
CVE-2014-2116
<= 8.6
Cisco Emergency Responder (ER) 8.6 and earlier allows remote attackers to inject web pages and modify dynamic content via unspecif
CVE-2014-2115
<= 8.6
Multiple cross-site request forgery (CSRF) vulnerabilities in CERUserServlet pages in Cisco Emergency Responder (ER) 8.6 and earli
CVE-2014-2114
<= 8.6
Cross-site scripting (XSS) vulnerability in UserServlet in Cisco Emergency Responder (ER) 8.6 and earlier allows remote attackers
CVE-2012-1346
all versions
Cisco Emergency Responder 8.6 and 9.2 allows remote attackers to cause a denial of service (CPU consumption) by sending malformed
CVE-2008-1154
all versions
The Disaster Recovery Framework (DRF) master server in Cisco Unified Communications products, including Unified Communications Man
CVE-2005-0356
all versions
Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remo
CVE-2004-1760
all versions
The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not
CVE-2004-1759
all versions
Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, allows remote attackers to cause a de
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin