CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-1463

A vulnerability in the web-based management interface of Cisco Unified Intelligence Center Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 55.8%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

Products affected by CVE-2021-1463

Cisco » Unified Contact Center Express » Version: N/A

cpe:2.3:a:cisco:unified_contact_center_express:-
Cisco » Unified Contact Center Express » Version: 10.0(1)

cpe:2.3:a:cisco:unified_contact_center_express:10.0(1)
Cisco » Unified Contact Center Express » Version: 10.5(1)

cpe:2.3:a:cisco:unified_contact_center_express:10.5(1)
Cisco » Unified Contact Center Express » Version: 10.6(1)

cpe:2.3:a:cisco:unified_contact_center_express:10.6(1)
Cisco » Unified Contact Center Express » Version: 11.0(1)

cpe:2.3:a:cisco:unified_contact_center_express:11.0(1)
Cisco » Unified Contact Center Express » Version: 11.5(1)

cpe:2.3:a:cisco:unified_contact_center_express:11.5(1)
Cisco » Unified Contact Center Express » Version: 11.5.1es01

cpe:2.3:a:cisco:unified_contact_center_express:11.5.1es01
Cisco » Unified Contact Center Express » Version: 11.5.1su1

cpe:2.3:a:cisco:unified_contact_center_express:11.5.1su1
Cisco » Unified Contact Center Express » Version: 11.6

cpe:2.3:a:cisco:unified_contact_center_express:11.6
Cisco » Unified Contact Center Express » Version: 11.6(1)

cpe:2.3:a:cisco:unified_contact_center_express:11.6(1)
Cisco » Unified Contact Center Express » Version: 11.6(2)

cpe:2.3:a:cisco:unified_contact_center_express:11.6(2)
Cisco » Unified Contact Center Express » Version: 11.6(2)es04

cpe:2.3:a:cisco:unified_contact_center_express:11.6(2)es04
Cisco » Unified Contact Center Express » Version: 12.0

cpe:2.3:a:cisco:unified_contact_center_express:12.0
Cisco » Unified Contact Center Express » Version: 12.0(1)

cpe:2.3:a:cisco:unified_contact_center_express:12.0(1)
Cisco » Unified Contact Center Express » Version: 12.5(1)

cpe:2.3:a:cisco:unified_contact_center_express:12.5(1)
Cisco » Unified Contact Center Express » Version: 12.5(1)_su2_es05

cpe:2.3:a:cisco:unified_contact_center_express:12.5(1)_su2_es05
Cisco » Unified Intelligence Center » Version: Any

cpe:2.3:o:cisco:unified_intelligence_center:*
Cisco » Unified Intelligence Center » Version: N/A

cpe:2.3:o:cisco:unified_intelligence_center:-
Cisco » Unified Intelligence Center » Version: 10.0(1)

cpe:2.3:o:cisco:unified_intelligence_center:10.0(1)
Cisco » Unified Intelligence Center » Version: 10.6(1)

cpe:2.3:o:cisco:unified_intelligence_center:10.6(1)
Cisco » Unified Intelligence Center » Version: 11.5(1)

cpe:2.3:o:cisco:unified_intelligence_center:11.5(1)
Cisco » Unified Intelligence Center » Version: 11.6

cpe:2.3:o:cisco:unified_intelligence_center:11.6
Cisco » Unified Intelligence Center » Version: 11.6(1)

cpe:2.3:o:cisco:unified_intelligence_center:11.6(1)
Cisco » Unified Intelligence Center » Version: 12.5(1)

cpe:2.3:o:cisco:unified_intelligence_center:12.5(1)
Cisco » Unified Intelligence Center » Version: 9.5(1)

cpe:2.3:o:cisco:unified_intelligence_center:9.5(1)

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-1463

Products

Pricing

Contact Us