Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco unified contact center express vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-20253
A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an unauthenticated, remote malicious user to execute arbitrary code on an affected device. This vulnerability is due to the improper processing of user-provided data that is...
Cisco Unified Communications Manager
Cisco Unified Communications Manager Im And Presence Service
Cisco Unity Connection
Cisco Unified Contact Center Express 12.5\\(1\\)
Cisco Virtualized Voice Browser 12.6\\(2\\)
Cisco Virtualized Voice Browser 12.6\\(1\\)
Cisco Virtualized Voice Browser 12.5\\(1\\)
NA
CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Ietf Http 2.0
Nghttp2 Nghttp2
Netty Netty
Envoyproxy Envoy 1.27.0
Envoyproxy Envoy 1.26.4
Envoyproxy Envoy 1.25.9
Envoyproxy Envoy 1.24.10
Eclipse Jetty
Caddyserver Caddy
Golang Http2
Golang Go
Golang Networking
F5 Big-ip Analytics
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Domain Name System
F5 Big-ip Application Security Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
34 Github repositories
2 Articles
NA
CVE-2023-20232
A vulnerability in the Tomcat implementation for Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote malicious user to cause a web cache poisoning attack on an affected device. This vulnerability is due to improper input validation of HTTP re...
Cisco Unified Contact Center Express
NA
CVE-2023-20096
A vulnerability in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an authenticated, remote malicious user to perform a stored cross-site scripting (XSS) attack. This vulnerability is due to insufficient input validation of use...
Cisco Unified Contact Center Express
NA
CVE-2023-20088
A vulnerability in the nginx configurations that are provided as part of the VPN-less reverse proxy for Cisco Finesse could allow an unauthenticated, remote malicious user to create a denial of service (DoS) condition for new and existing users who are connected through a load ba...
Cisco Finesse
Cisco Finesse 12.6\\(1\\)
NA
CVE-2023-20061
Multiple vulnerabilities in Cisco Unified Intelligence Center could allow an authenticated, remote malicious user to collect sensitive information or perform a server-side request forgery (SSRF) attack on an affected system. Cisco plans to release software updates that address th...
Cisco Unified Contact Center Express -
Cisco Unified Intelligence Center
Cisco Packaged Contact Center Enterprise -
Cisco Unified Contact Center Enterprise -
NA
CVE-2023-20062
Multiple vulnerabilities in Cisco Unified Intelligence Center could allow an authenticated, remote malicious user to collect sensitive information or perform a server-side request forgery (SSRF) attack on an affected system. Cisco plans to release software updates that address th...
Cisco Unified Contact Center Express -
Cisco Unified Intelligence Center
Cisco Packaged Contact Center Enterprise -
Cisco Unified Contact Center Enterprise -
NA
CVE-2023-20058
A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote malicious user to conduct a reflected cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-bas...
Cisco Unified Contact Center Express
Cisco Unified Contact Center Enterprise
Cisco Packaged Contact Center Enterprise
Cisco Unified Intelligence Center
8.5
CVSSv2
CVE-2022-20658
A vulnerability in the web-based management interface of Cisco Unified Contact Center Management Portal (Unified CCMP) and Cisco Unified Contact Center Domain Manager (Unified CCDM) could allow an authenticated, remote malicious user to elevate their privileges to Administrator. ...
Cisco Unified Contact Center Express 12.0.1
Cisco Unified Contact Center Express 12.5.1
Cisco Unified Contact Center Management Portal
8.5
CVSSv2
CVE-2021-44832
Apache Log4j2 versions 2.0-beta7 up to and including 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the tar...
Apache Log4j 2.0
Apache Log4j
Oracle Weblogic Server 12.2.1.3.0
Oracle Primavera Unifier 18.8
Oracle Weblogic Server 12.2.1.4.0
Oracle Primavera Unifier 19.12
Oracle Weblogic Server 14.1.1.0.0
Oracle Primavera Unifier 20.12
Oracle Communications Interactive Session Recorder 6.3
Oracle Communications Interactive Session Recorder 6.4
Oracle Primavera Gateway
Oracle Retail Assortment Planning 16.0.3
Oracle Primavera Unifier 21.12
Oracle Primavera P6 Enterprise Project Portfolio Management 21.12.0.0
Oracle Primavera P6 Enterprise Project Portfolio Management
Oracle Primavera Gateway 21.12.0
Oracle Retail Fiscal Management 14.2
Oracle Siebel Ui Framework 21.12
Oracle Communications Diameter Signaling Router
Cisco Cloudcenter 4.10.0.16
Fedoraproject Fedora 34
Fedoraproject Fedora 35
34 Github repositories
4 Articles
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »