Unified Intelligence Center@9.0(2) Security Vulnerabilities and Issues — Unified Intelligence Center@9.0(2) CVE List

Lucene search

CiscoUnified Intelligence Center9.0(2)

3 matches found

CVE•added 2016/10/05 9:59 p.m.•44 views

CVE-2016-6426

The j_spring_security_switch_user function in Cisco Unified Intelligence Center (CUIC) 8.5.4 through 9.1(1), as used in Unified Contact Center Express 10.0(1) through 11.0(1), allows remote attackers to create user accounts by visiting an unspecified web page, aka Bug IDs CSCuy75027 and CSCuy81653.

7.5CVSS7.5AI score0.00244EPSS

CVE•added 2016/10/06 10:59 a.m.•41 views

CVE-2016-6427

Cross-site request forgery (CSRF) vulnerability in Cisco Unified Intelligence Center (CUIC) 8.5.4 through 9.1(1), as used in Unified Contact Center Express 10.0(1) through 11.0(1), allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCuy75036 and CSCuy81654.

8.8CVSS8.9AI score0.00129EPSS

CVE•added 2016/10/06 10:59 a.m.•34 views

CVE-2016-6425

Cross-site scripting (XSS) vulnerability in Cisco Unified Intelligence Center (CUIC) 8.5.4 through 9.1(1), as used in Unified Contact Center Express 10.0(1) through 11.0(1), allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug IDs CSCuy75020 and CSCuy81652.

6.1CVSS6AI score0.00296EPSS