EUVD-2021-6712

Malicious code in bioql PyPI...

CVE-2021-1245

Cisco Finesse and Cisco Unified CVP OpenSocial Gadget Editor Cross-Site Scripting Vulnerability A vulnerability in the web-based management interface of Cisco Finesse and Cisco Unified CVP could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user ...

CVE-2021-1599

A vulnerability in the web-based management interface of Cisco Unified Customer Voice Portal CVP could allow an authenticated, remote attacker to perform a cross-site scripting XSS attack against a user. This vulnerability is due to insufficient input validation of a parameter that is used by the...

CVE-2021-1245 Cisco Finesse OpenSocial Gadget Editor Cross-Site Scripting Vulnerability

Cisco Finesse and Cisco Unified CVP OpenSocial Gadget Editor Cross-Site Scripting Vulnerability A vulnerability in the web-based management interface of Cisco Finesse and Cisco Unified CVP could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user ...

CVE-2021-1246 Cisco Finesse OpenSocial Gadget Editor Unauthenticated Access Vulnerability

Cisco Finesse, Cisco Virtualized Voice Browser, and Cisco Unified CVP OpenSocial Gadget Editor Unauthenticated Access Vulnerability A vulnerability in the web management interface of Cisco Finesse, Cisco Virtualized Voice Browser, and Cisco Unified CVP could allow an unauthenticated, remote...

PT-2021-1632 · Cisco · Cisco Unified Cvp +1

Name of the Vulnerable Software and Affected Versions: Cisco Finesse and Cisco Unified CVP affected versions not specified Description: A vulnerability in the web-based management interface of Cisco Finesse and Cisco Unified CVP could allow an unauthenticated, remote attacker to conduct a...

CVE-2019-16017

A vulnerability in the Operations, Administration, Maintenance and Provisioning OAMP OpsConsole Server for Cisco Unified Customer Voice Portal CVP could allow an authenticated, remote attacker to execute Insecure Direct Object Reference actions on specific pages within the OAMP application. The...

Input validation

A vulnerability in the Operations, Administration, Maintenance and Provisioning OAMP OpsConsole Server for Cisco Unified Customer Voice Portal CVP could allow an authenticated, remote attacker to execute Insecure Direct Object Reference actions on specific pages within the OAMP application. The...

CVE-2019-16017

CVE-2019-16017 affects Cisco Unified CVP OAMP OpsConsole Server. The issue arises from insufficient input validation on specific OAMP pages, allowing an authenticated attacker to perform Insecure Direct Object Reference actions. Impact in documented details includes information disclosure beyond ...

CVE-2019-16017 Cisco Unified Customer Voice Portal Insecure Direct Object Reference Vulnerability

A vulnerability in the Operations, Administration, Maintenance and Provisioning OAMP OpsConsole Server for Cisco Unified Customer Voice Portal CVP could allow an authenticated, remote attacker to execute Insecure Direct Object Reference actions on specific pages within the OAMP application. The...

Design/Logic Flaw

A vulnerability in the Java Remote Method Invocation RMI interface of Cisco Unified Customer Voice Portal CVP could allow an unauthenticated, remote attacker to access sensitive information on an affected device. The vulnerability exists because certain RMI listeners are not properly authenticate...

Cisco Unified Customer Voice Portal Insecure Direct Object Reference Vulnerability

A vulnerability in the Operations, Administration, Maintenance and Provisioning OAMP OpsConsole Server for Cisco Unified Customer Voice Portal CVP could allow an authenticated, remote attacker to execute Insecure Direct Object Reference actions on specific pages within the OAMP application. The...

Race condition

A vulnerability in the application server of the Cisco Unified Customer Voice Portal CVP could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on the affected device. The vulnerability is due to malformed SIP INVITE traffic received on the CVP during...

CVE-2018-0086

A vulnerability in the application server of the Cisco Unified Customer Voice Portal CVP could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on the affected device. The vulnerability is due to malformed SIP INVITE traffic received on the CVP during...

CVE-2018-0086

CVE-2018-0086 affects Cisco Unified CVP (Cisco Unified Customer Voice Portal). The issue is triggered by malformed SIP INVITE traffic during CVP communications with the Cisco Virtualized Voice Browser (VVB), allowing an unauthenticated remote attacker to cause a denial of service on the affected ...

Multiple Vulnerabilities in Cisco Unified Customer Voice Portal Software

Cisco Unified Customer Voice Portal Software Unified CVP contains multiple vulnerabilities. Various components of Cisco Unified CVP are affected; see the "Details" section for more information on the vulnerabilities. These vulnerabilities can be exploited independently; however, more than one...