Lucene search
+L
CiscoCx Cloud Agent

4 matches found

CVE
CVE
added 2021/12/10 12:0 a.m.6943 views

CVE-2021-44228

CVE-2021-44228 (Log4Shell) affects Apache Log4j2 2.0-beta9 through 2.15.0 (excluding some security releases) and is specific to log4j-core. The vulnerability arises from JNDI features used in configuration, log messages, and parameters, which can be exploited when an attacker can control log mess...

10CVSS10AI score0.99999EPSS
In wild
CVE
CVE
added 2022/04/01 10:17 p.m.2503 views

CVE-2022-22965

CVE-2022-22965 (Spring4Shell) affects Spring Framework’s Spring MVC and Spring WebFlux when data binding is enabled in apps running on JDK 9+, with exploitation requiring Tomcat as WAR deployment. The issue is not exploited in Spring Boot executable jars. Vulnerable configurations are associated ...

9.8CVSS8.7AI score0.99677EPSS
In wildWeb
CVE
CVE
added 2023/01/19 1:36 a.m.75 views

CVE-2023-20043

The CVE-2023-20043 entry concerns Cisco CX Cloud Agent. Affected component: Cisco CX Cloud Agent. Root cause: insecure file permissions allowing a locally authenticated attacker to elevate privileges by executing a script with sudo, potentially gaining full control of the device. Documented impac...

6.7CVSS6.4AI score0.0021EPSS
CVE
CVE
added 2023/01/19 1:37 a.m.56 views

CVE-2023-20044

Cisco CX Cloud Agent contains a privilege-escalation vulnerability caused by insecure file permissions. An authenticated, local attacker could exploit settings persuaded by support to call insecure scripts, potentially taking full control of the affected device. Cisco has issued advisories and so...

7.3CVSS7AI score0.00143EPSS