Cisco

Unified Contact Center Enterprise

11 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2023-44487

Warning Media report Exploit
  • EPSS 94.44%
  • Published 10.10.2023 14:15:10
  • Last modified 11.06.2025 17:29:54

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

4.3

CVE-2023-20062

  • EPSS 0.12%
  • Published 03.03.2023 16:15:10
  • Last modified 21.11.2024 07:40:27

Multiple vulnerabilities in Cisco Unified Intelligence Center could allow an authenticated, remote attacker to collect sensitive information or perform a server-side request forgery (SSRF) attack on an affected system. Cisco plans to release software...

6.5

CVE-2023-20061

  • EPSS 0.12%
  • Published 03.03.2023 16:15:09
  • Last modified 21.11.2024 07:40:27

Multiple vulnerabilities in Cisco Unified Intelligence Center could allow an authenticated, remote attacker to collect sensitive information or perform a server-side request forgery (SSRF) attack on an affected system. Cisco plans to release software...

6.1

CVE-2023-20058

  • EPSS 0.18%
  • Published 20.01.2023 07:15:17
  • Last modified 21.11.2024 07:40:27

A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface. This vulnerability...

10

CVE-2021-44228

Warning Exploit
  • EPSS 94.36%
  • Published 10.12.2021 10:15:09
  • Last modified 08.08.2025 18:52:00

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An atta...

7.1

CVE-2020-3163

  • EPSS 0.35%
  • Published 19.02.2020 20:15:15
  • Last modified 21.11.2024 05:30:27

A vulnerability in the Live Data server of Cisco Unified Contact Center Enterprise could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the affected softw...

6.1

CVE-2016-1439

  • EPSS 0.25%
  • Published 23.06.2016 00:59:07
  • Last modified 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in the management interface in Cisco Unified Contact Center Enterprise through 10.5(2) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCux59650.

4

CVE-2014-3323

  • EPSS 0.24%
  • Published 18.07.2014 00:55:04
  • Last modified 12.04.2025 10:46:40

Directory traversal vulnerability in Cisco Unified Contact Center Enterprise allows remote authenticated users to read arbitrary web-root files via a crafted URL, aka Bug ID CSCun25262.

4

CVE-2014-2180

  • EPSS 0.06%
  • Published 29.04.2014 10:37:03
  • Last modified 12.04.2025 10:46:40

The Document Management component in Cisco Unified Contact Center Express does not properly validate a parameter, which allows remote authenticated users to upload files to arbitrary pathnames via a crafted HTTP request, aka Bug ID CSCun74133.

9

CVE-2007-5539

  • EPSS 1.31%
  • Published 18.10.2007 00:17:00
  • Last modified 09.04.2025 00:30:58

Unspecified vulnerability in Cisco Unified Intelligent Contact Management Enterprise (ICME), Unified ICM Hosted (ICMH), Unified Contact Center Enterprise (UCCE), Unified Contact Center Hosted (UCCH), and System Unified Contact Center Enterprise (SUCC...