Finesse@11.6(1) Security Vulnerabilities and Issues — Finesse@11.6(1) CVE List

Lucene search

CiscoFinesse11.6(1)

4 matches found

CVE•added 2019/09/05 2:15 a.m.•134 views

CVE-2019-12632

A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker to bypass access controls and conduct a server-side request forgery (SSRF) attack on an affected system. The vulnerability exists because the affected system does not properly validate user-supplied input. An attacker ...

7.5CVSS6.1AI score0.00565EPSS

CVE•added 2020/01/26 5:15 a.m.•114 views

CVE-2019-15278

A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to bypass authorization and access sensitive information related to the device. The vulnerability exists because the software fails to sanitize URLs before it handles requests. An ...

6.1CVSS6.3AI score0.00704EPSS

CVE•added 2024/06/05 5:15 p.m.•53 views

CVE-2024-20404

A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct an SSRF attack on an affected system. This vulnerability is due to insufficient validation of user-supplied input for specific HTTP requests that are sent to an affected...

7.2CVSS6.4AI score0.39642EPSS

CVE•added 2024/06/05 5:15 p.m.•47 views

CVE-2024-20405

A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a stored XSS attack by exploiting an RFI vulnerability. This vulnerability is due to insufficient validation of user-supplied input for specific HTTP requests that are s...

6.1CVSS6.3AI score0.00546EPSS