Lucene search
K

113 matches found

Prion
Prion
added 2020/05/22 6:15 a.m.26 views

Deserialization of untrusted data

A vulnerability in the Java Remote Management Interface of Cisco Unified Contact Center Express Unified CCX could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to insecure deserialization of user-supplied content by the affecte...

10CVSS9.7AI score0.06945EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2020/05/22 5:15 a.m.63 views

CVE-2020-3280

CVE-2020-3280 affects Cisco Unified Contact Center Express (Unified CCX) via insecure deserialization in the Java Remote Management Interface, enabling an unauthenticated, remote attacker to execute code as root by sending a malicious serialized Java object to a specific listener. Cisco’s advisor...

10CVSS9.8AI score0.06945EPSS
Exploits0References1Affected Software1
CISA
CISA
added 2020/05/22 12:0 a.m.10 views

Cisco Releases Security Updates

Cisco has released security updates to address vulnerabilities in Unified CCX software and Prime Network Registrar. A remote attacker could exploit one of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and...

7.6AI score
Exploits0References3
ThreatPost
ThreatPost
added 2020/05/21 3:44 p.m.965 views

Critical Cisco Bug in Unified CCX Allows Remote Code Execution

Cisco has hurried out a fix out for a critical remote code-execution flaw in its customer interaction management solution, Cisco Unified Contact Center Express CCX. Cisco’s Unified CCX software is touted as a “contact center in a box” that allows companies to deploy customer-care applications. Th...

10CVSS1AI score0.26869EPSS
Exploits1References7
Cisco
Cisco
added 2020/02/19 4:0 p.m.30 views

Cisco Unified Contact Center Express Privilege Escalation Vulnerability

A vulnerability in the Administration Web Interface of Cisco Unified Contact Center Express Unified CCX could allow an authenticated, remote attacker to upload arbitrary files and execute commands on the underlying operating system. To exploit this vulnerability, an attacker needs valid...

7.2CVSS2.9AI score0.03415EPSS
Exploits0References1
CVE
CVE
added 2019/09/05 1:15 a.m.165 views

CVE-2019-12633

CVE-2019-12633 refers to a Server-Side Request Forgery (SSRF) vulnerability in Cisco Unified Contact Center Express (Unified CCX). The root cause is improper validation of user-supplied input on the affected web interface, allowing an unauthenticated, remote attacker to bypass access controls and...

7.5CVSS6.1AI score0.01515EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/08/21 6:5 p.m.61 views

CVE-2019-12626

CVE-2019-12626 concerns Cisco Unified Contact Center Express (Unified CCX) and its web-based management interface. The issue is a stored cross-site scripting (XSS) vulnerability caused by insufficient validation of user-supplied input, exploitable when an authenticated attacker entices an adminis...

4.8CVSS4.8AI score0.00804EPSS
Exploits0References1Affected Software1
Lenovo
Lenovo
added 2018/11/13 5:10 p.m.475 views

Intel® PROSet/Wireless WiFi Software Vulnerabilities - US

Lenovo Security Advisory: LEN-24443 Potential Impact: Elevation of Privilege, Denial of Service, Information Disclosure Severity: High Scope of Impact: Systems with specific versions of Intel® PROSet/Wireless WiFi Software CVE Identifier: CVE-2006-7250, CVE-2007-3108, CVE-2007-4995, CVE-2007-5135...

10CVSS3.7AI score0.99999EPSS
Exploits55
Intel
Intel
added 2018/11/13 12:0 a.m.15 views

Intel® PROSet/Wireless WiFi Software Advisory

Summary: Multiple potential security vulnerabilities in Cisco Compatible eXtensions CCX component in Intel® PROSet/Wireless WiFi Software may allow escalation of privilege, denial of service and/or information disclosure. Intel is releasing PROSet/Wireless WiFi Software updates to mitigate this...

7.7AI score
Exploits0
NVD
NVD
added 2018/07/18 11:29 p.m.24 views

CVE-2018-0401

Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express Unified CCX could allow an unauthenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. Cisco Bug IDs: CSCvg70967...

6.1CVSS6.1AI score0.0121EPSS
Exploits0References2
NVD
NVD
added 2018/07/18 11:29 p.m.20 views

CVE-2018-0402

Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express Unified CCX could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack. Cisco Bug IDs: CSCvg70921...

8.8CVSS8.9AI score0.01029EPSS
Exploits0References2
NVD
NVD
added 2018/07/18 11:29 p.m.22 views

CVE-2018-0403

Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express Unified CCX could allow an unauthenticated, remote attacker to retrieve a cleartext password. Cisco Bug IDs: CSCvg71040...

9.8CVSS9.5AI score0.02659EPSS
Exploits0References2
Prion
Prion
added 2018/07/18 11:29 p.m.21 views

Cross site request forgery (csrf)

Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express Unified CCX could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack. Cisco Bug IDs: CSCvg70921...

6.8CVSS8.8AI score0.01029EPSS
Exploits0References2Affected Software2
Prion
Prion
added 2018/07/18 11:29 p.m.19 views

Cross site scripting

Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express Unified CCX could allow an unauthenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. Cisco Bug IDs: CSCvg70904...

4.3CVSS6AI score0.01271EPSS
Exploits0References2Affected Software2
Prion
Prion
added 2018/07/18 11:29 p.m.21 views

Cross site scripting

Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express Unified CCX could allow an unauthenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. Cisco Bug IDs: CSCvg70967...

4.3CVSS6AI score0.0121EPSS
Exploits0References2Affected Software2
CVE
CVE
added 2018/07/18 11:0 p.m.63 views

CVE-2018-0403

CVE-2018-0403 affects Cisco Unified Contact Center Express (Unified CCX) through its web-based management interface. The root cause is the web UI pre-populating the login form password field with previously stored passwords from an internal database, enabling an unauthenticated, remote attacker t...

9.8CVSS9.3AI score0.02659EPSS
Exploits0References2Affected Software2
Vulnrichment
Vulnrichment
added 2018/07/18 11:0 p.m.8 views

CVE-2018-0402

Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express Unified CCX could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack. Cisco Bug IDs: CSCvg70921...

7.2AI score0.01029EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/07/18 11:0 p.m.24 views

CVE-2018-0400

Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express Unified CCX could allow an unauthenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. Cisco Bug IDs: CSCvg70904...

6.1AI score0.01271EPSS
Exploits0References2
NVD
NVD
added 2014/02/27 1:55 a.m.11 views

CVE-2014-2102

Cisco Unified Contact Center Express Unified CCX does not properly restrict the content of the CCMConfig page, which allows remote authenticated users to obtain sensitive information by examining this content, aka Bug ID CSCum95575...

4CVSS5.8AI score0.01329EPSS
Exploits0References2
Prion
Prion
added 2014/02/27 1:55 a.m.16 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the Unified Serviceability subsystem in Cisco Unified Contact Center Express Unified CCX allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCum95502...

6.8CVSS7.7AI score0.00818EPSS
Exploits0References2
Rows per page
Query Builder