CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

A vulnerability in the web-based management interface of Cisco ECE could allow an unauthenticated, remote attacker to perform a username enumeration attack against an affected device. This vulnerability is due to differences in authentication responses that are sent back from the application as...

5.3CVSS7.1AI score0.00269EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 9:50 p.m.•4 views

CVE-2022-20632

A vulnerability in the web-based management interface of Cisco ECE could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface of an affected device. The vulnerability exists because the web-based management interface does not properly validate...

6.1CVSS6.7AI score0.00444EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 9:50 p.m.•4 views

CVE-2022-20634

A vulnerability in the web-based management interface of Cisco ECE could allow an unauthenticated, remote attacker to redirect a user to an undesired web page. This vulnerability is due to improper input validation of the URL parameters in an HTTP request that is sent to an affected system. An...

6.1CVSS6.9AI score0.00086EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 9:50 p.m.•4 views

CVE-2022-20631

6.1CVSS6.7AI score0.0038EPSS

Exploits0References1

NVD•added 2024/11/15 5:15 p.m.•11 views

CVE-2022-20633

5.3CVSS0.00269EPSS

Exploits0References1

NVD•added 2024/11/15 5:15 p.m.•24 views

CVE-2022-20632

6.1CVSS0.00444EPSS

Exploits0References1

OSV•added 2024/11/15 5:15 p.m.•2 views

CVE-2022-20633

5.3CVSS5.8AI score

Exploits0References1

OSV•added 2024/11/15 5:15 p.m.•1 views

CVE-2022-20632

6.1CVSS6.1AI score

Exploits0References1

NVD•added 2024/11/15 4:15 p.m.•12 views

CVE-2022-20634

6.1CVSS0.00086EPSS

Exploits0References1

OSV•added 2024/11/15 4:15 p.m.•1 views

CVE-2022-20631

6.1CVSS6.1AI score

Exploits0References1

NVD•added 2024/11/15 4:15 p.m.•18 views

CVE-2022-20631

6.1CVSS0.0038EPSS

Exploits0References1

Vulnrichment•added 2024/04/03 4:22 p.m.•14 views

CVE-2024-20367

A vulnerability in the web UI of Cisco Enterprise Chat and Email ECE could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability exists because the web UI does not properly validate user-supplied input. An attacker...

5.4CVSS6.1AI score0.0016EPSS

Exploits0References1

CVE•added 2024/04/03 4:22 p.m.•71 views

CVE-2024-20367

Cisco Enterprise Chat and Email (ECE) web UI vulnerability (CVE-2024-20367) enables authenticated, remote XSS due to improper input validation. An attacker must coerce a user to click a crafted link, potentially executing arbitrary script in the UI or accessing browser data. Impact is limited to ...

5.4CVSS6AI score0.0016EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2022/01/12 12:0 a.m.•2 views

PT-2022-1428 · Cisco · Cisco Ece

Name of the Vulnerable Software and Affected Versions: Cisco ECE affected versions not specified Description: A vulnerability in the web-based management interface of Cisco ECE could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the...

6.4CVSS6.3AI score0.00444EPSS

Exploits0References10

Prion•added 2019/06/05 5:29 p.m.•14 views

Cross site scripting

A vulnerability in the web-based management interface of Cisco Enterprise Chat and Email ECE Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of an affected device. The vulnerability is due to...

4.3CVSS6AI score0.0012EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by