Cisco

Enterprise Chat And Email

14 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2025-20310

Medienbericht
  • EPSS 0.05%
  • Veröffentlicht 02.07.2025 16:15:28
  • Zuletzt bearbeitet 31.07.2025 16:58:29

A vulnerability in the web UI of Cisco Enterprise Chat and Email (ECE) could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web...

7.5

CVE-2025-20139

Medienbericht
  • EPSS 0.1%
  • Veröffentlicht 02.04.2025 17:15:43
  • Zuletzt bearbeitet 06.08.2025 20:03:54

A vulnerability in chat messaging features of Cisco Enterprise Chat and Email (ECE) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper validation of user-supplied inp...

6.1

CVE-2022-20632

  • EPSS 0.08%
  • Veröffentlicht 15.11.2024 17:15:10
  • Zuletzt bearbeitet 31.07.2025 15:08:08

A vulnerability in the web-based management interface of Cisco ECE could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface of an affected device. The vulnerability exists because the web-based ma...

5.3

CVE-2022-20633

  • EPSS 0.09%
  • Veröffentlicht 15.11.2024 17:15:10
  • Zuletzt bearbeitet 31.07.2025 15:07:39

A vulnerability in the web-based management interface of Cisco ECE could allow an unauthenticated, remote attacker to perform a username enumeration attack against an affected device. This vulnerability is due to differences in authentication...

6.1

CVE-2022-20631

  • EPSS 0.1%
  • Veröffentlicht 15.11.2024 16:15:19
  • Zuletzt bearbeitet 31.07.2025 15:07:23

A vulnerability in the web-based management interface of Cisco ECE could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface of an affected device. The vulnerability exists because the web-based ma...

6.1

CVE-2022-20634

  • EPSS 0.04%
  • Veröffentlicht 15.11.2024 16:15:19
  • Zuletzt bearbeitet 11.08.2025 17:45:08

A vulnerability in the web-based management interface of Cisco ECE could allow an unauthenticated, remote attacker to redirect a user to an undesired web page. This vulnerability is due to improper input validation of the URL parameters in an H...

7.5

CVE-2024-20484

  • EPSS 0.27%
  • Veröffentlicht 06.11.2024 17:15:15
  • Zuletzt bearbeitet 04.04.2025 17:14:45

A vulnerability in the External Agent Assignment Service (EAAS) feature of Cisco Enterprise Chat and Email (ECE) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability...

5.4

CVE-2024-20367

  • EPSS 0.16%
  • Veröffentlicht 03.04.2024 17:15:49
  • Zuletzt bearbeitet 07.05.2025 16:17:08

A vulnerability in the web UI of Cisco Enterprise Chat and Email (ECE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web UI does ...

7.5

CVE-2023-44487

Warnung Medienbericht Exploit
  • EPSS 94.44%
  • Veröffentlicht 10.10.2023 14:15:10
  • Zuletzt bearbeitet 11.06.2025 17:29:54

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

5.4

CVE-2022-20802

  • EPSS 0.18%
  • Veröffentlicht 27.05.2022 14:15:08
  • Zuletzt bearbeitet 21.11.2024 06:43:35

A vulnerability in the web interface of Cisco Enterprise Chat and Email (ECE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient vali...