CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2016-6427

HIGH
8.8
CVSS Severity Score
EPSS Score0.0850%
EPSS Percentile35.15th
Published2016年10月6日
Last Modified2026年5月6日

Vulnerability Description

Cross-site request forgery (CSRF) vulnerability in Cisco Unified Intelligence Center (CUIC) 8.5.4 through 9.1(1), as used in Unified Contact Center Express 10.0(1) through 11.0(1), allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCuy75036 and CSCuy81654.

Affected Platforms (CPE)

📦
Cisco

Unified Contact Center Express

= 10.0\(1\)
📦
Cisco

Unified Contact Center Express

= 10.5\(1\)
📦
Cisco

Unified Contact Center Express

= 10.6\(1\)
📦
Cisco

Unified Contact Center Express

= 11.0\(1\)
📦
Cisco

Unified Intelligence Center

= 8.5.4
📦
Cisco

Unified Intelligence Center

= 9.0\(2\)
📦
Cisco

Unified Intelligence Center

= 9.1\(1\)

References & Advisories

🔗 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-ucis3
🔗 http://www.securityfocus.com/bid/93418
🔗 http://www.securitytracker.com/id/1036953
🔗 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161005-ucis3
🔗 http://www.securityfocus.com/bid/93418
🔗 http://www.securitytracker.com/id/1036953

相關漏洞威脅

CVE-2018-04039.8

Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow a...

CVE-2020-32809.8

A vulnerability in the Java Remote Management Interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unaut...

CVE-2009-20479.0

Directory traversal vulnerability in the Administration interface in Cisco Customer Response Solutions (CRS) before 7.0(1) SR2 in ...

CVE-2018-04028.8

Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow a...