Cisco CX Cloud Agent 0.9

CPE Details

Cisco CX Cloud Agent 0.9
cisco
cx_cloud_agent
0.9
2023-01-27
18h28 +00:00
2023-01-30
12h48 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:cisco:cx_cloud_agent:0.9:*:*:*:*:*:*:*

Informations

Vendor

cisco

Product

cx_cloud_agent

Version

0.9

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-20044 2023-01-19 01h37 +00:00 A vulnerability in Cisco CX Cloud Agent of could allow an authenticated, local attacker to elevate their privileges. This vulnerability is due to insecure file permissions. An attacker could exploit this vulnerability by persuading support to update settings which call the insecure script. A successful exploit could allow the attacker to take complete control of the affected device.
7.3
High
CVE-2023-20043 2023-01-19 01h36 +00:00 A vulnerability in Cisco CX Cloud Agent of could allow an authenticated, local attacker to elevate their privileges. This vulnerability is due to insecure file permissions. An attacker could exploit this vulnerability by calling the script with sudo. A successful exploit could allow the attacker to take complete control of the affected device.
6.7
Medium
CVE-2022-22965 2022-04-01 22h17 +00:00 A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.
9.8
Critical