Cisco

Unified Contact Center Express

31 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.2

CVE-2025-20375

Medienbericht
  • EPSS 0.05%
  • Veröffentlicht 05.11.2025 16:31:43
  • Zuletzt bearbeitet 17.11.2025 19:40:23

A vulnerability in the web UI of Cisco Unified CCX could allow an authenticated, remote attacker to upload and execute arbitrary files. This vulnerability is due to an insufficient input validation associated to specific UI features. An attacker c...

7.2

CVE-2025-20376

Medienbericht
  • EPSS 0.06%
  • Veröffentlicht 05.11.2025 16:31:38
  • Zuletzt bearbeitet 17.11.2025 19:39:35

A vulnerability in the web UI of Cisco Unified CCX could allow an authenticated, remote attacker to upload and execute arbitrary files. This vulnerability is due to an insufficient input validation associated to file upload mechanisms. An attacker...

4.9

CVE-2025-20374

Medienbericht
  • EPSS 0.26%
  • Veröffentlicht 05.11.2025 16:31:23
  • Zuletzt bearbeitet 17.11.2025 19:40:48

A vulnerability in the web UI of Cisco Unified CCX could allow an authenticated, remote attacker to perform a directory traversal and access arbitrary resources. This vulnerability is due to an insufficient input validation associated to specific ...

9.8

CVE-2025-20358

Medienbericht
  • EPSS 0.4%
  • Veröffentlicht 05.11.2025 16:31:23
  • Zuletzt bearbeitet 07.11.2025 15:43:44

A vulnerability in the Contact Center Express (CCX) Editor application of Cisco Unified CCX could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative permissions pertaining to script creation and execution. ...

9.8

CVE-2025-20354

Medienbericht
  • EPSS 0.14%
  • Veröffentlicht 05.11.2025 16:31:14
  • Zuletzt bearbeitet 07.11.2025 15:44:35

A vulnerability in the Java Remote Method Invocation (RMI) process of Cisco Unified CCX could allow an unauthenticated, remote attacker to upload arbitrary files and execute arbitrary commands with root permissions on an affected system. This vuln...

5.3

CVE-2023-20232

  • EPSS 0.1%
  • Veröffentlicht 16.08.2023 22:15:12
  • Zuletzt bearbeitet 21.11.2024 07:40:57

A vulnerability in the Tomcat implementation for Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to cause a web cache poisoning attack on an affected device. This vulnerability is due to improper...

5.4

CVE-2023-20096

  • EPSS 0.13%
  • Veröffentlicht 05.04.2023 19:15:07
  • Zuletzt bearbeitet 21.11.2024 07:40:32

A vulnerability in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an authenticated, remote attacker to perform a stored cross-site scripting (XSS) attack. This vulnerability is due to insufficient...

4.3

CVE-2023-20062

  • EPSS 0.15%
  • Veröffentlicht 03.03.2023 16:15:10
  • Zuletzt bearbeitet 21.11.2024 07:40:27

Multiple vulnerabilities in Cisco Unified Intelligence Center could allow an authenticated, remote attacker to collect sensitive information or perform a server-side request forgery (SSRF) attack on an affected system. Cisco plans to release software...

6.5

CVE-2023-20061

  • EPSS 0.16%
  • Veröffentlicht 03.03.2023 16:15:09
  • Zuletzt bearbeitet 21.11.2024 07:40:27

Multiple vulnerabilities in Cisco Unified Intelligence Center could allow an authenticated, remote attacker to collect sensitive information or perform a server-side request forgery (SSRF) attack on an affected system. Cisco plans to release software...

6.1

CVE-2023-20058

  • EPSS 0.26%
  • Veröffentlicht 20.01.2023 07:15:17
  • Zuletzt bearbeitet 21.11.2024 07:40:27

A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface. This vulnerability...