Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco unified contact center express - vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2019-12626
A vulnerability in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an authenticated, remote malicious user to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface of an affecte...
Cisco Unified Contact Center Express 12.5\\(1\\)
3.5
CVSSv2
CVE-2009-2048
Cross-site scripting (XSS) vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) prior to 7.0(1) SR2 in Cisco Unified Contact Center Express (aka CCX) server allows remote authenticated users to inject arbitrary web script or HTML into the CCX d...
Cisco Crs 7.0
Cisco Unified Ccx 6.0\\(1\\)
Cisco Unified Ccx 5.0\\(1\\)
Cisco Unified Ccx 3.5
Cisco Unified Ip Ivr 3.1
Cisco Unified Ip Ivr 7.0
Cisco Unified Ip Ivr 7.0\\(1\\)
Cisco Crs 4.1
Cisco Crs 4.5
Cisco Unified Ccx 4.5\\(2\\)
Cisco Unified Ccx 4.0\\(3\\)
Cisco Unified Ip Ivr 4.1
Cisco Unified Ip Ivr 4.5
Cisco Unified Ip Contact Center Express 6.0\\(1\\)
Cisco Unified Ip Contact Center Express 7.0
Cisco Customer Response Applications 3.5
Cisco Crs 3.5
Cisco Crs 4.0
Cisco Unified Ccx 4.0\\(1\\)
Cisco Unified Ccx 4.5\\(1\\)
Cisco Unified Ip Ivr 3.0
Cisco Unified Ip Ivr 4.0
2.6
CVSSv2
CVE-2016-0701
The DH_check_pub_key function in crypto/dh/dh_check.c in OpenSSL 1.0.2 prior to 1.0.2f does not ensure that prime numbers are appropriate for Diffie-Hellman (DH) key exchange, which makes it easier for remote malicious users to discover a private DH exponent by making multiple ha...
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.2e
Openssl Openssl 1.0.2b
Openssl Openssl 1.0.2c
Openssl Openssl 1.0.2
Openssl Openssl 1.0.2d
1 Article
2.6
CVSSv2
CVE-2015-1787
The ssl3_get_client_key_exchange function in s3_srvr.c in OpenSSL 1.0.2 prior to 1.0.2a, when client authentication and an ephemeral Diffie-Hellman ciphersuite are enabled, allows remote malicious users to cause a denial of service (daemon crash) via a ClientKeyExchange message w...
Openssl Openssl 1.0.2
NA
CVE-2024-20253
A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an unauthenticated, remote malicious user to execute arbitrary code on an affected device. This vulnerability is due to the improper processing of user-provided data that is...
Cisco Unified Communications Manager
Cisco Unified Communications Manager Im And Presence Service
Cisco Unity Connection
Cisco Unified Contact Center Express 12.5\\(1\\)
Cisco Virtualized Voice Browser 12.6\\(2\\)
Cisco Virtualized Voice Browser 12.6\\(1\\)
Cisco Virtualized Voice Browser 12.5\\(1\\)
NA
CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Ietf Http 2.0
Nghttp2 Nghttp2
Netty Netty
Envoyproxy Envoy 1.27.0
Envoyproxy Envoy 1.26.4
Envoyproxy Envoy 1.25.9
Envoyproxy Envoy 1.24.10
Eclipse Jetty
Caddyserver Caddy
Golang Http2
Golang Go
Golang Networking
F5 Big-ip Analytics
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Domain Name System
F5 Big-ip Application Security Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
35 Github repositories
2 Articles
NA
CVE-2023-20232
A vulnerability in the Tomcat implementation for Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote malicious user to cause a web cache poisoning attack on an affected device. This vulnerability is due to improper input validation of HTTP re...
Cisco Unified Contact Center Express
NA
CVE-2023-20096
A vulnerability in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an authenticated, remote malicious user to perform a stored cross-site scripting (XSS) attack. This vulnerability is due to insufficient input validation of use...
Cisco Unified Contact Center Express
NA
CVE-2023-20061
Multiple vulnerabilities in Cisco Unified Intelligence Center could allow an authenticated, remote malicious user to collect sensitive information or perform a server-side request forgery (SSRF) attack on an affected system. Cisco plans to release software updates that address th...
Cisco Unified Contact Center Express -
Cisco Unified Intelligence Center
Cisco Packaged Contact Center Enterprise -
Cisco Unified Contact Center Enterprise -
NA
CVE-2023-20062
Multiple vulnerabilities in Cisco Unified Intelligence Center could allow an authenticated, remote malicious user to collect sensitive information or perform a server-side request forgery (SSRF) attack on an affected system. Cisco plans to release software updates that address th...
Cisco Unified Contact Center Express -
Cisco Unified Intelligence Center
Cisco Packaged Contact Center Enterprise -
Cisco Unified Contact Center Enterprise -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
NEXT »