CRITICAL✓ PATCH🇵🇱 Wersja polska

CVE-2018-0403

CVSS 9.8v3.0pub. 2018-07-18upd. 2024-11-21

Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to retrieve a cleartext password. Cisco Bug IDs: CSCvg71040.

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Cisco Unified Contact Center Express

    APP
    Cisco
    11.5\(1\)
  • Cisco Unified Ip Interactive Voice Response

    APP
    Cisco
    11.5\(1\)
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
XSS
CWE
References

Related vulnerabilities

CVE-2025-20358CRITICAL9.4PL ✓ten sam produkt

Cisco Unified CCX: pominięcie uwierzytelnienia w CCX Editor (RCE)

CVE-2025-20354CRITICAL9.8PL ✓ten sam produkt

RCE z uprawnieniami root w Cisco Unified Contact Center Express (Java RMI)

CVE-2024-20253CRITICAL9.9PL ✓ten sam produkt

RCE w produktach Cisco Unified Communications — eskalacja do root

CVE-2022-20658CRITICAL9.6ten sam produkt

A vulnerability in the web-based management interface of Cisco Unified Contact Center Management Portal (Unifi...

CVE-2020-3280CRITICAL9.8ten sam produkt

A vulnerability in the Java Remote Management Interface of Cisco Unified Contact Center Express (Unified CCX) ...