CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-12633

A vulnerability in Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to bypass access controls and conduct a server-side request forgery (SSRF) attack on a targeted system. The vulnerability is due to improper validation of user-supplied input on the affected system. An attacker could exploit this vulnerability by sending the user of the web application a crafted request. If the request is processed, the attacker could access the system and perform unauthorized actions.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 65.4%

CVSS Severity

CVSS v3 Score 5.3

CVSS v2 Score 5.0

References

Products affected by CVE-2019-12633

Cisco » Unified Contact Center Express » Version: N/A

cpe:2.3:a:cisco:unified_contact_center_express:-
Cisco » Unified Contact Center Express » Version: 10.0(1)

cpe:2.3:a:cisco:unified_contact_center_express:10.0(1)
Cisco » Unified Contact Center Express » Version: 10.5(1)

cpe:2.3:a:cisco:unified_contact_center_express:10.5(1)
Cisco » Unified Contact Center Express » Version: 10.6(1)

cpe:2.3:a:cisco:unified_contact_center_express:10.6(1)
Cisco » Unified Contact Center Express » Version: 11.0(1)

cpe:2.3:a:cisco:unified_contact_center_express:11.0(1)
Cisco » Unified Contact Center Express » Version: 11.5(1)

cpe:2.3:a:cisco:unified_contact_center_express:11.5(1)
Cisco » Unified Contact Center Express » Version: 11.5.1es01

cpe:2.3:a:cisco:unified_contact_center_express:11.5.1es01
Cisco » Unified Contact Center Express » Version: 11.5.1su1

cpe:2.3:a:cisco:unified_contact_center_express:11.5.1su1
Cisco » Unified Contact Center Express » Version: 11.6

cpe:2.3:a:cisco:unified_contact_center_express:11.6
Cisco » Unified Contact Center Express » Version: 11.6(1)

cpe:2.3:a:cisco:unified_contact_center_express:11.6(1)
Cisco » Unified Contact Center Express » Version: 11.6(2)

cpe:2.3:a:cisco:unified_contact_center_express:11.6(2)
Cisco » Unified Contact Center Express » Version: 12.0(1)

cpe:2.3:a:cisco:unified_contact_center_express:12.0(1)

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-12633

Products

Pricing

Contact Us