CyberSec.Space Logo
Back to CVE Browser

CVE-2016-6427

HIGH
8.8
CVSS Severity Score
EPSS Score0.0850%
EPSS Percentile35.15th
PublishedOct 6, 2016
Last ModifiedMay 6, 2026

Vulnerability Description

Cross-site request forgery (CSRF) vulnerability in Cisco Unified Intelligence Center (CUIC) 8.5.4 through 9.1(1), as used in Unified Contact Center Express 10.0(1) through 11.0(1), allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCuy75036 and CSCuy81654.

Affected Platforms (CPE)

πŸ“¦
Cisco

Unified Contact Center Express

= 10.0\(1\)
πŸ“¦
Cisco

Unified Contact Center Express

= 10.5\(1\)
πŸ“¦
Cisco

Unified Contact Center Express

= 10.6\(1\)
πŸ“¦
Cisco

Unified Contact Center Express

= 11.0\(1\)
πŸ“¦
Cisco

Unified Intelligence Center

= 8.5.4
πŸ“¦
Cisco

Unified Intelligence Center

= 9.0\(2\)
πŸ“¦
Cisco

Unified Intelligence Center

= 9.1\(1\)

References & Advisories

πŸ”— http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-ucis3
πŸ”— http://www.securityfocus.com/bid/93418
πŸ”— http://www.securitytracker.com/id/1036953
πŸ”— http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-ucis3
πŸ”— http://www.securityfocus.com/bid/93418
πŸ”— http://www.securitytracker.com/id/1036953

Related Vulnerabilities

CVE-2018-04039.8

Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow a...

CVE-2020-32809.8

A vulnerability in the Java Remote Management Interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unaut...

CVE-2009-20479.0

Directory traversal vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in ...

CVE-2018-04028.8

Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow a...