Cisco Unified Intelligence Center 11.0(1)ES10

CPE Details

Cisco Unified Intelligence Center 11.0(1)ES10
11.0\(1\)es10
2020-07-29
14h04 +00:00
2020-07-29
14h04 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:cisco:unified_intelligence_center:11.0\(1\)es10:*:*:*:*:*:*:*

Informations

Vendor

cisco

Product

unified_intelligence_center

Version

11.0\(1\)es10

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-20061 2023-03-02 23h00 +00:00 Multiple vulnerabilities in Cisco Unified Intelligence Center could allow an authenticated, remote attacker to collect sensitive information or perform a server-side request forgery (SSRF) attack on an affected system. Cisco plans to release software updates that address these vulnerabilities.
6.5
Medium
CVE-2023-20062 2023-03-02 23h00 +00:00 Multiple vulnerabilities in Cisco Unified Intelligence Center could allow an authenticated, remote attacker to collect sensitive information or perform a server-side request forgery (SSRF) attack on an affected system. Cisco plans to release software updates that address these vulnerabilities.
6.5
Medium
CVE-2023-20058 2023-01-19 01h38 +00:00 A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information.
6.1
Medium
CVE-2017-6789 2017-09-07 19h00 +00:00 A vulnerability in the Cisco Unified Intelligence Center web interface could allow an unauthenticated, remote attacker to impact the integrity of the system by executing a Document Object Model (DOM)-based, environment or client-side cross-site scripting (XSS) attack. The vulnerability occurs because user-supplied data in the DOM input is not validated. An attacker could exploit this vulnerability by sending crafted URLs that contain malicious DOM statements to the affected system. A successful exploit could allow the attacker to affect the integrity of the system by manipulating the database. Known Affected Releases 11.0(1)ES10. Cisco Bug IDs: CSCvf18325.
6.1
Medium