Описание
A vulnerability in Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to bypass access controls and conduct a server-side request forgery (SSRF) attack on a targeted system. The vulnerability is due to improper validation of user-supplied input on the affected system. An attacker could exploit this vulnerability by sending the user of the web application a crafted request. If the request is processed, the attacker could access the system and perform unauthorized actions.
Уязвимые конфигурации
Одно из
EPSS
5.3 Medium
CVSS3
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
Связанные уязвимости
A vulnerability in Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to bypass access controls and conduct a server-side request forgery (SSRF) attack on a targeted system. The vulnerability is due to improper validation of user-supplied input on the affected system. An attacker could exploit this vulnerability by sending the user of the web application a crafted request. If the request is processed, the attacker could access the system and perform unauthorized actions.
Уязвимость программного средства автоматизации работы операторов Unified Contact Center Express, существующая из-за недостаточной проверки входных данных, позволяющая нарушителю провести атаку на стороне сервера на целевую систему и выполнить несанкционированные действия
EPSS
5.3 Medium
CVSS3
7.5 High
CVSS3
5 Medium
CVSS2