Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to retrieve a cleartext password. Cisco Bug IDs: CSCvg71040.
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HCisco Unified Contact Center Express
APPCisco11.5\(1\)Cisco Unified Ip Interactive Voice Response
APPCisco11.5\(1\)
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
XSS
Related vulnerabilities
CVE-2025-20358CRITICAL9.4PL ✓ten sam produkt
Cisco Unified CCX: pominięcie uwierzytelnienia w CCX Editor (RCE)
CVE-2025-20354CRITICAL9.8PL ✓ten sam produkt
RCE z uprawnieniami root w Cisco Unified Contact Center Express (Java RMI)
CVE-2024-20253CRITICAL9.9PL ✓ten sam produkt
RCE w produktach Cisco Unified Communications — eskalacja do root
CVE-2022-20658CRITICAL9.6ten sam produkt
A vulnerability in the web-based management interface of Cisco Unified Contact Center Management Portal (Unifi...
CVE-2020-3280CRITICAL9.8ten sam produkt
A vulnerability in the Java Remote Management Interface of Cisco Unified Contact Center Express (Unified CCX) ...