Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco unified contact center express vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2016-1307
The Openfire server in Cisco Finesse Desktop 10.5(1) and 11.0(1) and Unified Contact Center Express 10.6(1) has a hardcoded account, which makes it easier for remote malicious users to obtain access via an XMPP session, aka Bug ID CSCuw79085.
Cisco Finesse 10.5\\\\\\(1\\\\\\) Base
Cisco Finesse 11.0\\\\\\(1\\\\\\) Base
Cisco Unified Contact Center Express 10.6\\\\\\(1\\\\\\)
5.3
CVSSv3
CVE-2023-20232
A vulnerability in the Tomcat implementation for Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote malicious user to cause a web cache poisoning attack on an affected device. This vulnerability is due to improper input validation of HTTP re...
Cisco Unified Contact Center Express
5.3
CVSSv3
CVE-2016-1319
Cisco Unified Communications Manager (aka CallManager) 9.1(2.10000.28), 10.5(2.10000.5), 10.5(2.12901.1), and 11.0(1.10000.10); Unified Communications Manager IM & Presence Service 10.5(2); Unified Contact Center Express 11.0(1); and Unity Connection 10.5(2) store a cleartext...
Cisco Unified Communications Manager Im And Presence Service 10.5\\\\\\(2\\\\\\)
Cisco Unified Contact Center Express 11.0\\\\\\(1\\\\\\)
Cisco Unified Communications Manager 9.1\\\\\\(2.10000.28\\\\\\)
Cisco Unified Communications Manager 10.5\\\\\\(2.10000.5\\\\\\)
Cisco Unified Communications Manager 10.5\\\\\\(2.12901.1\\\\\\)
Cisco Unified Communications Manager 11.0\\\\\\(1.10000.10\\\\\\)
Cisco Unity Connection 10.5\\\\\\(2\\\\\\)
4.8
CVSSv3
CVE-2021-1254
Multiple vulnerabilities in the web-based management interface of Cisco Finesse could allow an authenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are due to insufficient validation of user-sup...
Cisco Finesse
4.8
CVSSv3
CVE-2019-12626
A vulnerability in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an authenticated, remote malicious user to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface of an affecte...
Cisco Unified Contact Center Express 12.5\\(1\\)
4.3
CVSSv3
CVE-2023-20062
Multiple vulnerabilities in Cisco Unified Intelligence Center could allow an authenticated, remote malicious user to collect sensitive information or perform a server-side request forgery (SSRF) attack on an affected system. Cisco plans to release software updates that address th...
Cisco Unified Contact Center Express -
Cisco Unified Intelligence Center
Cisco Packaged Contact Center Enterprise -
Cisco Unified Contact Center Enterprise -
3.7
CVSSv3
CVE-2016-0701
The DH_check_pub_key function in crypto/dh/dh_check.c in OpenSSL 1.0.2 prior to 1.0.2f does not ensure that prime numbers are appropriate for Diffie-Hellman (DH) key exchange, which makes it easier for remote malicious users to discover a private DH exponent by making multiple ha...
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.2e
Openssl Openssl 1.0.2b
Openssl Openssl 1.0.2c
Openssl Openssl 1.0.2
Openssl Openssl 1.0.2d
1 Article
NA
CVE-2015-6420
Serialized-object interfaces in certain Cisco Collaboration and Social Media; Endpoint Clients and Client Software; Network Application, Service, and Acceleration; Network and Content Security Devices; Network Management and Provisioning; Routing and Switching - Enterprise and Se...
Apache Commons Collections
Apache Commons Collections 4.0
5 Github repositories
NA
CVE-2015-1794
The ssl3_get_key_exchange function in ssl/s3_clnt.c in OpenSSL 1.0.2 prior to 1.0.2e allows remote servers to cause a denial of service (segmentation fault) via a zero p value in an anonymous Diffie-Hellman (DH) ServerKeyExchange message.
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.2b
Openssl Openssl 1.0.2c
Openssl Openssl 1.0.2
Openssl Openssl 1.0.2d
1 Article
NA
CVE-2015-1788
The BN_GF2m_mod_inv function in crypto/bn/bn_gf2m.c in OpenSSL prior to 0.9.8s, 1.0.0 prior to 1.0.0e, 1.0.1 prior to 1.0.1n, and 1.0.2 prior to 1.0.2b does not properly handle ECParameters structures in which the curve is over a malformed binary polynomial field, which allows re...
Openssl Openssl
Openssl Openssl 1.0.1m
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.1j
Openssl Openssl 1.0.0n
Openssl Openssl 1.0.1
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0i
Openssl Openssl 1.0.0
Openssl Openssl 1.0.1h
Openssl Openssl 1.0.0m
Openssl Openssl 1.0.1c
Openssl Openssl 1.0.1g
Openssl Openssl 1.0.0h
Openssl Openssl 1.0.0e
Openssl Openssl 1.0.0f
Openssl Openssl 1.0.0d
Openssl Openssl 1.0.0j
Openssl Openssl 1.0.0p
Openssl Openssl 1.0.1a
Openssl Openssl 1.0.0o
Openssl Openssl 1.0.1d
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »