CVEDB API

Vulnerabilities

Vulnerable Software

Cisco: >> Unified Contact Center Express >> 11.5(1) Security Vulnerabilities

CVE-2018-0402

Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack. Cisco Bug IDs: CSCvg70921.

CVSS Score

8.8

EPSS Score

0.002

Published

2018-07-18

CVE-2018-0403

Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to retrieve a cleartext password. Cisco Bug IDs: CSCvg71040.

CVSS Score

9.8

EPSS Score

0.007

Published

2018-07-18

CVE-2017-6722

A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) service of Cisco Unified Contact Center Express (UCCx) could allow an unauthenticated, remote attacker to masquerade as a legitimate user, aka a Clear Text Authentication Vulnerability. More Information: CSCuw86638. Known Affected Releases: 10.6(1). Known Fixed Releases: 11.5(1.10000.61).

CVSS Score

6.1

EPSS Score

0.004

Published

2017-07-04

Page 2

Vulnerabilities

Vulnerable Software

Cisco: >> Unified Contact Center Express >> 11.5(1) Security Vulnerabilities

Products

Pricing

Contact Us