Cisco Unified Intelligence Center vulnerabilities

25 known vulnerabilities affecting cisco/unified_intelligence_center.

Total CVEs
25
CISA KEV
1
actively exploited
Public exploits
1
Exploited in wild
1
Severity breakdown
CRITICAL1HIGH8MEDIUM16

Vulnerabilities

Page 2 of 2
CVE-2016-6427HIGHCVSS 8.8v8.5.4v9.0\(2\)+1 more2016-10-06
CVE-2016-6427 [HIGH] CWE-352 CVE-2016-6427: Cross-site request forgery (CSRF) vulnerability in Cisco Unified Intelligence Center (CUIC) 8.5.4 th Cross-site request forgery (CSRF) vulnerability in Cisco Unified Intelligence Center (CUIC) 8.5.4 through 9.1(1), as used in Unified Contact Center Express 10.0(1) through 11.0(1), allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCuy75036 and CSCuy81654.
nvd
CVE-2016-6425MEDIUMCVSS 6.1v8.5.4v9.0\(2\)+1 more2016-10-06
CVE-2016-6425 [MEDIUM] CWE-79 CVE-2016-6425: Cross-site scripting (XSS) vulnerability in Cisco Unified Intelligence Center (CUIC) 8.5.4 through 9 Cross-site scripting (XSS) vulnerability in Cisco Unified Intelligence Center (CUIC) 8.5.4 through 9.1(1), as used in Unified Contact Center Express 10.0(1) through 11.0(1), allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug IDs CSCuy75020 and CSCuy81652.
nvd
CVE-2016-6426HIGHCVSS 7.5v8.5.4v9.0\(2\)+1 more2016-10-05
CVE-2016-6426 [HIGH] CWE-20 CVE-2016-6426: The j_spring_security_switch_user function in Cisco Unified Intelligence Center (CUIC) 8.5.4 through The j_spring_security_switch_user function in Cisco Unified Intelligence Center (CUIC) 8.5.4 through 9.1(1), as used in Unified Contact Center Express 10.0(1) through 11.0(1), allows remote attackers to create user accounts by visiting an unspecified web page, aka Bug IDs CSCuy75027 and CSCuy81653.
nvd
CVE-2015-4274MEDIUMCVSS 6.8v10.0\(1\)v10.6\(1\)2015-07-16
CVE-2015-4274 [MEDIUM] CWE-352 CVE-2015-4274: Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Unified Intelligence C Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Unified Intelligence Center 10.0(1) and 10.6(1) allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCuu94862 and CSCuu97936.
nvd
CVE-2015-0740MEDIUMCVSS 6.8v10.6\(1\)2015-05-20
CVE-2015-0740 [MEDIUM] CWE-352 CVE-2015-0740: Cross-site request forgery (CSRF) vulnerability in Cisco Unified Intelligence Center 10.6(1) allows Cross-site request forgery (CSRF) vulnerability in Cisco Unified Intelligence Center 10.6(1) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCus28826.
nvd
← Previous2 / 2
Cisco Unified Intelligence Center vulnerabilities | cvebase