Lucene search
K
CiscoPackaged Contact Center Enterprise

7 matches found

CVE
CVE
added 2021/12/10 12:0 a.m.6778 views

CVE-2021-44228

CVE-2021-44228 (Log4Shell) affects Apache Log4j2 2.0-beta9 through 2.15.0 (excluding some security releases) and is specific to log4j-core. The vulnerability arises from JNDI features used in configuration, log messages, and parameters, which can be exploited when an attacker can control log mess...

10CVSS10AI score0.99999EPSS
In wild
CVE
CVE
added 2023/01/19 1:38 a.m.112 views

CVE-2023-20058

Cisco Unified Intelligence Center is affected by a reflected XSS in its web-based management interface. The issue arises from inadequate input validation, allowing an unauthenticated, remote attacker to lure a user into clicking a crafted link, which could execute arbitrary script code in the int...

6.1CVSS6AI score0.00493EPSS
CVE
CVE
added 2023/03/03 12:0 a.m.86 views

CVE-2023-20061

Cisco Unified Intelligence Center (CUIC) is affected by CVE-2023-20061 (and related CVE-2023-20062 per Cisco advisory) where an authenticated, remote attacker could either access sensitive information or perform a server-side request forgery (SSRF) due to deficiencies in REST API output handling ...

6.5CVSS6.6AI score0.00731EPSS
CVE
CVE
added 2023/03/03 12:0 a.m.79 views

CVE-2023-20062

CVE-2023-20062 concerns Cisco Unified Intelligence Center. The described issues allow an authenticated, remote attacker to collect sensitive information or perform a server-side request forgery (SSRF) against an affected system. The root cause is described in connected advisories as improper inpu...

6.5CVSS5.3AI score0.00525EPSS
CVE
CVE
added 2021/06/16 5:45 p.m.78 views

CVE-2021-1395

CVE-2021-1395 concerns the web-based management interface of Cisco Unified Intelligence Center, where a reflected XSS vulnerability exists due to improper input validation. An unauthenticated, remote attacker could lure a user to click a crafted link, potentially executing arbitrary script in the...

6.1CVSS5.1AI score0.00813EPSS
CVE
CVE
added 2018/10/05 2:0 p.m.48 views

CVE-2018-0444

CVE-2018-0444 affects Cisco Packaged Contact Center Enterprise across the web-based management interface. The vulnerability is a stored XSS caused by insufficient validation of user-supplied input. An unauthenticated, remote attacker can lure a user to click a crafted link, potentially executing ...

6.1CVSS6.3AI score0.0042EPSS
CVE
CVE
added 2018/10/05 2:0 p.m.48 views

CVE-2018-0445

Cisco Packaged Contact Center Enterprise (PCCE) web-based management interface is affected by a CSRF vulnerability due to insufficient protections. An unauthenticated, remote attacker could entice a user to follow a crafted link and perform arbitrary actions on the device with the user’s privileg...

8.8CVSS8.7AI score0.00566EPSS