Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco unified contact center express - vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2021-1463
A vulnerability in the web-based management interface of Cisco Unified Intelligence Center Software could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-base...
Cisco Unified Contact Center Express
Cisco Unified Intelligence Center
4.3
CVSSv2
CVE-2019-15278
A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote malicious user to bypass authorization and access sensitive information related to the device. The vulnerability exists because the software fails to sanitize URLs before...
Cisco Finesse 11.6\\(1\\)
Cisco Finesse 12.0\\(1\\)
Cisco Finesse 12.5\\(1\\)
Cisco Unified Contact Center Express 12.0\\(1\\)
4.3
CVSSv2
CVE-2019-15259
A vulnerability in Cisco Unified Contact Center Express (UCCX) Software could allow an unauthenticated, remote malicious user to conduct an HTTP response splitting attack. The vulnerability is due to insufficient input validation of some parameters that are passed to the web serv...
Cisco Unified Contact Center Express 12.0\\(1\\)
Cisco Unified Contact Center Express
4.3
CVSSv2
CVE-2019-1670
A vulnerability in the web-based management interface of Cisco Unified Intelligence Center Software could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. The vulnerability is...
Cisco Unified Intelligence Center 9.5\\(1\\)
4.3
CVSSv2
CVE-2018-0401
Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote malicious user to conduct cross-site scripting (XSS) attacks against a user of the interface. Cisco Bug IDs: CSCvg70967.
Cisco Unified Contact Center Express 11.5\\(1\\)
Cisco Unified Ip Interactive Voice Response 11.5\\(1\\)
4.3
CVSSv2
CVE-2018-0400
Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote malicious user to conduct cross-site scripting (XSS) attacks against a user of the interface. Cisco Bug IDs: CSCvg70904.
Cisco Unified Contact Center Express 11.5\\(1\\)
Cisco Unified Ip Interactive Voice Response 11.5\\(1\\)
4.3
CVSSv2
CVE-2017-12288
A vulnerability in the web-based management interface of Cisco Unified Contact Center Express could allow an unauthenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of an affected device. The vulnerability is due to insufficient valida...
Cisco Finesse 11.5\\(1\\)
4.3
CVSSv2
CVE-2016-6425
Cross-site scripting (XSS) vulnerability in Cisco Unified Intelligence Center (CUIC) 8.5.4 up to and including 9.1(1), as used in Unified Contact Center Express 10.0(1) up to and including 11.0(1), allows remote malicious users to inject arbitrary web script or HTML via a crafted...
Cisco Unified Intelligence Center 8.5.4
Cisco Unified Contact Center Express 10.0\\(1\\)
Cisco Unified Contact Center Express 10.6\\(1\\)
Cisco Unified Intelligence Center 9.0\\(2\\)
Cisco Unified Contact Center Express 10.5\\(1\\)
Cisco Unified Intelligence Center 9.1\\(1\\)
Cisco Unified Contact Center Express 11.0\\(1\\)
4.3
CVSSv2
CVE-2016-6426
The j_spring_security_switch_user function in Cisco Unified Intelligence Center (CUIC) 8.5.4 up to and including 9.1(1), as used in Unified Contact Center Express 10.0(1) up to and including 11.0(1), allows remote malicious users to create user accounts by visiting an unspecified...
Cisco Unified Contact Center Express 11.0\\(1\\)
Cisco Unified Intelligence Center 8.5.4
Cisco Unified Contact Center Express 10.6\\(1\\)
Cisco Unified Intelligence Center 9.0\\(2\\)
Cisco Unified Contact Center Express 10.5\\(1\\)
Cisco Unified Intelligence Center 9.1\\(1\\)
Cisco Unified Contact Center Express 10.0\\(1\\)
4.3
CVSSv2
CVE-2016-1298
Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Contact Center Express 10.0(1), 10.5(1), 10.6(1), and 11.0(1) allow remote malicious users to inject arbitrary web script or HTML via vectors related to permalinks, aka Bug ID CSCux92033.
Cisco Unified Contact Center Express 10.0\\(1\\)
Cisco Unified Contact Center Express 11.0\\(1\\)
Cisco Unified Contact Center Express 10.6\\(1\\)
Cisco Unified Contact Center Express 10.5\\(1\\)
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »