- EPSS 12.27%
- Published 16.11.2017 07:29:01
- Last modified 31.07.2025 15:03:24
A vulnerability in the upgrade mechanism of Cisco collaboration products based on the Cisco Voice Operating System software platform could allow an unauthenticated, remote attacker to gain unauthorized, elevated access to an affected device. The vuln...
CVE-2016-6427
- EPSS 0.13%
- Published 06.10.2016 10:59:12
- Last modified 12.04.2025 10:46:40
Cross-site request forgery (CSRF) vulnerability in Cisco Unified Intelligence Center (CUIC) 8.5.4 through 9.1(1), as used in Unified Contact Center Express 10.0(1) through 11.0(1), allows remote attackers to hijack the authentication of arbitrary use...
CVE-2016-6425
- EPSS 0.3%
- Published 06.10.2016 10:59:11
- Last modified 12.04.2025 10:46:40
Cross-site scripting (XSS) vulnerability in Cisco Unified Intelligence Center (CUIC) 8.5.4 through 9.1(1), as used in Unified Contact Center Express 10.0(1) through 11.0(1), allows remote attackers to inject arbitrary web script or HTML via a crafted...
CVE-2016-6426
- EPSS 0.24%
- Published 05.10.2016 21:59:00
- Last modified 12.04.2025 10:46:40
The j_spring_security_switch_user function in Cisco Unified Intelligence Center (CUIC) 8.5.4 through 9.1(1), as used in Unified Contact Center Express 10.0(1) through 11.0(1), allows remote attackers to create user accounts by visiting an unspecified...