CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-1599

A vulnerability in the web-based management interface of Cisco Unified Customer Voice Portal (CVP) could allow an authenticated, remote attacker to perform a cross-site scripting (XSS) attack against a user. This vulnerability is due to insufficient input validation of a parameter that is used by the web-based management interface. An attacker could exploit this vulnerability by persuading a user to click a malicious link. A successful exploit could allow the attacker to execute arbitrary code in the context of the interface, access sensitive, browser-based information, or cause an affected device to reboot under certain conditions.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 54.6%

CVSS Severity

CVSS v3 Score 5.4

CVSS v2 Score 3.5

References

Products affected by CVE-2021-1599

Cisco » Unified Customer Voice Portal » Version: 10.5

cpe:2.3:a:cisco:unified_customer_voice_portal:10.5
Cisco » Unified Customer Voice Portal » Version: 10.5(1)

cpe:2.3:a:cisco:unified_customer_voice_portal:10.5(1)
Cisco » Unified Customer Voice Portal » Version: 11.0

cpe:2.3:a:cisco:unified_customer_voice_portal:11.0
Cisco » Unified Customer Voice Portal » Version: 11.0(1)

cpe:2.3:a:cisco:unified_customer_voice_portal:11.0(1)
Cisco » Unified Customer Voice Portal » Version: 11.5

cpe:2.3:a:cisco:unified_customer_voice_portal:11.5
Cisco » Unified Customer Voice Portal » Version: 11.5(1)

cpe:2.3:a:cisco:unified_customer_voice_portal:11.5(1)
Cisco » Unified Customer Voice Portal » Version: 11.6

cpe:2.3:a:cisco:unified_customer_voice_portal:11.6
Cisco » Unified Customer Voice Portal » Version: 11.6(1)

cpe:2.3:a:cisco:unified_customer_voice_portal:11.6(1)
Cisco » Unified Customer Voice Portal » Version: 11.6(1)_es-11

cpe:2.3:a:cisco:unified_customer_voice_portal:11.6(1)_es-11
Cisco » Unified Customer Voice Portal » Version: 11.6(2)

cpe:2.3:a:cisco:unified_customer_voice_portal:11.6(2)
Cisco » Unified Customer Voice Portal » Version: 12.0

cpe:2.3:a:cisco:unified_customer_voice_portal:12.0
Cisco » Unified Customer Voice Portal » Version: 12.0(1)

cpe:2.3:a:cisco:unified_customer_voice_portal:12.0(1)
Cisco » Unified Customer Voice Portal » Version: 12.0(1)_es-7

cpe:2.3:a:cisco:unified_customer_voice_portal:12.0(1)_es-7
Cisco » Unified Customer Voice Portal » Version: 12.5

cpe:2.3:a:cisco:unified_customer_voice_portal:12.5
Cisco » Unified Customer Voice Portal » Version: 12.5(1)

cpe:2.3:a:cisco:unified_customer_voice_portal:12.5(1)
Cisco » Unified Customer Voice Portal » Version: 3.0

cpe:2.3:a:cisco:unified_customer_voice_portal:3.0
Cisco » Unified Customer Voice Portal » Version: 3.6(10)

cpe:2.3:a:cisco:unified_customer_voice_portal:3.6(10)
Cisco » Unified Customer Voice Portal » Version: 4.0

cpe:2.3:a:cisco:unified_customer_voice_portal:4.0
Cisco » Unified Customer Voice Portal » Version: 4.0(2)

cpe:2.3:a:cisco:unified_customer_voice_portal:4.0(2)
Cisco » Unified Customer Voice Portal » Version: 4.1

cpe:2.3:a:cisco:unified_customer_voice_portal:4.1
Cisco » Unified Customer Voice Portal » Version: 7.0

cpe:2.3:a:cisco:unified_customer_voice_portal:7.0
Cisco » Unified Customer Voice Portal » Version: 7.0(2)

cpe:2.3:a:cisco:unified_customer_voice_portal:7.0(2)
Cisco » Unified Customer Voice Portal » Version: 8.0(1)

cpe:2.3:a:cisco:unified_customer_voice_portal:8.0(1)
Cisco » Unified Customer Voice Portal » Version: 8.5(1)

cpe:2.3:a:cisco:unified_customer_voice_portal:8.5(1)
Cisco » Unified Customer Voice Portal » Version: 9.0

cpe:2.3:a:cisco:unified_customer_voice_portal:9.0
Cisco » Unified Customer Voice Portal » Version: 9.0(1)

cpe:2.3:a:cisco:unified_customer_voice_portal:9.0(1)

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-1599

Products

Pricing

Contact Us