Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
unified intelligence center vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2017-12248
A vulnerability in the web framework code of Cisco Unified Intelligence Center Software could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. The vulnerability is due to insu...
Cisco Unified Intelligence Center 11.5(1)
8.8
CVSSv3
CVE-2017-12253
A vulnerability in the Cisco Unified Intelligence Center could allow an unauthenticated, remote malicious user to execute unwanted actions. The vulnerability is due to a lack of cross-site request forgery (CSRF) protection. An attacker could exploit this vulnerability by tricking...
Cisco Unified Intelligence Center 11.5(1)
6.1
CVSSv3
CVE-2017-12254
A vulnerability in the web interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote malicious user to perform a Document Object Model (DOM)-based cross-site scripting attack. The vulnerability is due to insufficient input validation of some parameters...
Cisco Unified Intelligence Center 11.5(1)
6.1
CVSSv3
CVE-2017-6789
A vulnerability in the Cisco Unified Intelligence Center web interface could allow an unauthenticated, remote malicious user to impact the integrity of the system by executing a Document Object Model (DOM)-based, environment or client-side cross-site scripting (XSS) attack. The v...
Cisco Unified Intelligence Center 11.0(1)es10
7.5
CVSSv3
CVE-2017-3730
In OpenSSL 1.1.0 prior to 1.1.0d, if a malicious server supplies bad parameters for a DHE or ECDHE key exchange then this can result in the client attempting to dereference a NULL pointer leading to a client crash. This could be exploited in a Denial of Service attack.
Openssl Openssl 1.1.0c
Openssl Openssl 1.1.0b
Openssl Openssl 1.1.0
Openssl Openssl 1.1.0a
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Agile Engineering Data Management 6.1.3
Oracle Agile Engineering Data Management 6.2.0
Oracle Jd Edwards World Security A9.1
Oracle Jd Edwards World Security A9.2
Oracle Jd Edwards World Security A9.3
Oracle Jd Edwards World Security A9.4
Oracle Communications Operations Monitor 3.4
Oracle Communications Operations Monitor 4.0
Oracle Communications Eagle Lnp Application Processor 10.0
Oracle Communications Eagle Lnp Application Processor 10.1
Oracle Communications Eagle Lnp Application Processor 10.2
Oracle Communications Application Session Controller 3.7.1
Oracle Communications Application Session Controller 3.8.0
1 EDB exploit
1 Github repository
1 Article
7.5
CVSSv3
CVE-2017-3733
During a renegotiation handshake if the Encrypt-Then-Mac extension is negotiated where it was not in the original handshake (or vice-versa) then this can cause OpenSSL 1.1.0 prior to 1.1.0e to crash (dependent on ciphersuite). Both clients and servers are affected.
Openssl Openssl 1.1.0c
Openssl Openssl 1.1.0b
Openssl Openssl 1.1.0d
Openssl Openssl 1.1.0
Openssl Openssl 1.1.0a
Hp Operations Agent 11.15
Hp Operations Agent 11.14
1 Github repository
10
CVSSv3
CVE-2017-5638
The Jakarta Multipart parser in Apache Struts 2 2.3.x prior to 2.3.32 and 2.5.x prior to 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote malicious users to execute arbitrary commands via a crafted Content-Typ...
Apache Struts 2.3.5
Apache Struts 2.3.28
Apache Struts 2.3.20.2
Apache Struts 2.3.15
Apache Struts 2.3.25
Apache Struts 2.3.14
Apache Struts 2.3.13
Apache Struts 2.3.16
Apache Struts 2.3.24.2
Apache Struts 2.3.17
Apache Struts 2.3.24.1
Apache Struts 2.3.22
Apache Struts 2.3.9
Apache Struts 2.3.16.3
Apache Struts 2.3.23
Apache Struts 2.3.6
Apache Struts 2.3.24.3
Apache Struts 2.3.15.2
Apache Struts 2.3.29
Apache Struts 2.3.14.3
Apache Struts 2.3.19
Apache Struts 2.3.20.1
2 EDB exploits
2 Nmap scripts
148 Github repositories
15 Articles
8.8
CVSSv3
CVE-2016-6427
Cross-site request forgery (CSRF) vulnerability in Cisco Unified Intelligence Center (CUIC) 8.5.4 up to and including 9.1(1), as used in Unified Contact Center Express 10.0(1) up to and including 11.0(1), allows remote malicious users to hijack the authentication of arbitrary use...
Cisco Unified Contact Center Express 10.0(1)
Cisco Unified Intelligence Center 9.1(1)
Cisco Unified Intelligence Center 8.5.4
Cisco Unified Intelligence Center 9.0(2)
Cisco Unified Contact Center Express 10.5(1)
Cisco Unified Contact Center Express 10.6(1)
Cisco Unified Contact Center Express 11.0(1)
6.1
CVSSv3
CVE-2016-6425
Cross-site scripting (XSS) vulnerability in Cisco Unified Intelligence Center (CUIC) 8.5.4 up to and including 9.1(1), as used in Unified Contact Center Express 10.0(1) up to and including 11.0(1), allows remote malicious users to inject arbitrary web script or HTML via a crafted...
Cisco Unified Contact Center Express 10.0(1)
Cisco Unified Intelligence Center 9.1(1)
Cisco Unified Intelligence Center 8.5.4
Cisco Unified Intelligence Center 9.0(2)
Cisco Unified Contact Center Express 10.5(1)
Cisco Unified Contact Center Express 10.6(1)
Cisco Unified Contact Center Express 11.0(1)
7.5
CVSSv3
CVE-2016-6426
The j_spring_security_switch_user function in Cisco Unified Intelligence Center (CUIC) 8.5.4 up to and including 9.1(1), as used in Unified Contact Center Express 10.0(1) up to and including 11.0(1), allows remote malicious users to create user accounts by visiting an unspecified...
Cisco Unified Contact Center Express 10.0(1)
Cisco Unified Intelligence Center 9.1(1)
Cisco Unified Intelligence Center 8.5.4
Cisco Unified Intelligence Center 9.0(2)
Cisco Unified Contact Center Express 10.5(1)
Cisco Unified Contact Center Express 10.6(1)
Cisco Unified Contact Center Express 11.0(1)
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »