Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unified intelligence center vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2017-12254
A vulnerability in the web interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote malicious user to perform a Document Object Model (DOM)-based cross-site scripting attack. The vulnerability is due to insufficient input validation of some parameters...
Cisco Unified Intelligence Center 11.5\\(1\\)
4.3
CVSSv2
CVE-2017-12248
A vulnerability in the web framework code of Cisco Unified Intelligence Center Software could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. The vulnerability is due to insu...
Cisco Unified Intelligence Center 11.5\\(1\\)
6.8
CVSSv2
CVE-2017-12253
A vulnerability in the Cisco Unified Intelligence Center could allow an unauthenticated, remote malicious user to execute unwanted actions. The vulnerability is due to a lack of cross-site request forgery (CSRF) protection. An attacker could exploit this vulnerability by tricking...
Cisco Unified Intelligence Center 11.5\\(1\\)
4.3
CVSSv2
CVE-2017-6789
A vulnerability in the Cisco Unified Intelligence Center web interface could allow an unauthenticated, remote malicious user to impact the integrity of the system by executing a Document Object Model (DOM)-based, environment or client-side cross-site scripting (XSS) attack. The v...
Cisco Unified Intelligence Center 11.0\\(1\\)es10
5
CVSSv2
CVE-2017-3733
During a renegotiation handshake if the Encrypt-Then-Mac extension is negotiated where it was not in the original handshake (or vice-versa) then this can cause OpenSSL 1.1.0 prior to 1.1.0e to crash (dependent on ciphersuite). Both clients and servers are affected.
Openssl Openssl 1.1.0
Openssl Openssl 1.1.0c
Openssl Openssl 1.1.0d
Openssl Openssl 1.1.0a
Openssl Openssl 1.1.0b
Hp Operations Agent 11.15
Hp Operations Agent 11.14
1 Github repository
5
CVSSv2
CVE-2017-3730
In OpenSSL 1.1.0 prior to 1.1.0d, if a malicious server supplies bad parameters for a DHE or ECDHE key exchange then this can result in the client attempting to dereference a NULL pointer leading to a client crash. This could be exploited in a Denial of Service attack.
Openssl Openssl 1.1.0c
Openssl Openssl 1.1.0
Openssl Openssl 1.1.0b
Openssl Openssl 1.1.0a
Oracle Agile Engineering Data Management 6.2.0
Oracle Jd Edwards World Security A9.2
Oracle Communications Eagle Lnp Application Processor 10.1
Oracle Communications Application Session Controller 3.7.1
Oracle Jd Edwards World Security A9.4
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Communications Operations Monitor 3.4
Oracle Communications Operations Monitor 4.0
Oracle Agile Engineering Data Management 6.1.3
Oracle Jd Edwards World Security A9.1
Oracle Jd Edwards World Security A9.3
Oracle Communications Eagle Lnp Application Processor 10.0
Oracle Communications Eagle Lnp Application Processor 10.2
Oracle Communications Application Session Controller 3.8.0
1 EDB exploit
1 Github repository
1 Article
10
CVSSv2
CVE-2017-5638
The Jakarta Multipart parser in Apache Struts 2 2.3.x prior to 2.3.32 and 2.5.x prior to 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote malicious users to execute arbitrary commands via a crafted Content-Typ...
Apache Struts 2.3.5
Apache Struts 2.3.28
Apache Struts 2.3.20.2
Apache Struts 2.3.15
Apache Struts 2.3.25
Apache Struts 2.3.14
Apache Struts 2.3.13
Apache Struts 2.3.16
Apache Struts 2.3.24.2
Apache Struts 2.3.17
Apache Struts 2.3.24.1
Apache Struts 2.3.22
Apache Struts 2.3.9
Apache Struts 2.3.16.3
Apache Struts 2.3.23
Apache Struts 2.3.6
Apache Struts 2.3.24.3
Apache Struts 2.3.15.2
Apache Struts 2.3.29
Apache Struts 2.3.14.3
Apache Struts 2.3.19
Apache Struts 2.3.20.1
2 EDB exploits
2 Nmap scripts
144 Github repositories
15 Articles
6.8
CVSSv2
CVE-2016-6427
Cross-site request forgery (CSRF) vulnerability in Cisco Unified Intelligence Center (CUIC) 8.5.4 up to and including 9.1(1), as used in Unified Contact Center Express 10.0(1) up to and including 11.0(1), allows remote malicious users to hijack the authentication of arbitrary use...
Cisco Unified Contact Center Express 11.0\\(1\\)
Cisco Unified Intelligence Center 8.5.4
Cisco Unified Contact Center Express 10.6\\(1\\)
Cisco Unified Intelligence Center 9.0\\(2\\)
Cisco Unified Contact Center Express 10.5\\(1\\)
Cisco Unified Intelligence Center 9.1\\(1\\)
Cisco Unified Contact Center Express 10.0\\(1\\)
4.3
CVSSv2
CVE-2016-6425
Cross-site scripting (XSS) vulnerability in Cisco Unified Intelligence Center (CUIC) 8.5.4 up to and including 9.1(1), as used in Unified Contact Center Express 10.0(1) up to and including 11.0(1), allows remote malicious users to inject arbitrary web script or HTML via a crafted...
Cisco Unified Intelligence Center 8.5.4
Cisco Unified Contact Center Express 10.0\\(1\\)
Cisco Unified Contact Center Express 10.6\\(1\\)
Cisco Unified Intelligence Center 9.0\\(2\\)
Cisco Unified Contact Center Express 10.5\\(1\\)
Cisco Unified Intelligence Center 9.1\\(1\\)
Cisco Unified Contact Center Express 11.0\\(1\\)
4.3
CVSSv2
CVE-2016-6426
The j_spring_security_switch_user function in Cisco Unified Intelligence Center (CUIC) 8.5.4 up to and including 9.1(1), as used in Unified Contact Center Express 10.0(1) up to and including 11.0(1), allows remote malicious users to create user accounts by visiting an unspecified...
Cisco Unified Contact Center Express 11.0\\(1\\)
Cisco Unified Intelligence Center 8.5.4
Cisco Unified Contact Center Express 10.6\\(1\\)
Cisco Unified Intelligence Center 9.0\\(2\\)
Cisco Unified Contact Center Express 10.5\\(1\\)
Cisco Unified Intelligence Center 9.1\\(1\\)
Cisco Unified Contact Center Express 10.0\\(1\\)
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »