CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Cisco: >> Unified Contact Center Express >> 10.5(1) Security Vulnerabilities

CVE-2016-6426

The j_spring_security_switch_user function in Cisco Unified Intelligence Center (CUIC) 8.5.4 through 9.1(1), as used in Unified Contact Center Express 10.0(1) through 11.0(1), allows remote attackers to create user accounts by visiting an unspecified web page, aka Bug IDs CSCuy75027 and CSCuy81653.

CVSS Score

7.5

EPSS Score

0.002

Published

2016-10-05

CVE-2016-1298

Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unified Contact Center Express 10.0(1), 10.5(1), 10.6(1), and 11.0(1) allow remote attackers to inject arbitrary web script or HTML via vectors related to permalinks, aka Bug ID CSCux92033.

CVSS Score

6.1

EPSS Score

0.004

Published

2016-01-26

Page 2

Vulnerabilities

Vulnerable Software

Cisco: >> Unified Contact Center Express >> 10.5(1) Security Vulnerabilities

Products

Pricing

Contact Us