Cisco CX Cloud Agent 0.9.2

CPE Details

Cisco CX Cloud Agent 0.9.2
cisco
cx_cloud_agent
0.9.2
2023-01-27
18h28 +00:00
2023-01-30
12h48 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:cisco:cx_cloud_agent:0.9.2:*:*:*:*:*:*:*

Informations

Vendor

cisco

Product

cx_cloud_agent

Version

0.9.2

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2023-20044 2023-01-19 01h37 +00:00 A vulnerability in Cisco CX Cloud Agent of could allow an authenticated, local attacker to elevate their privileges. This vulnerability is due to insecure file permissions. An attacker could exploit this vulnerability by persuading support to update settings which call the insecure script. A successful exploit could allow the attacker to take complete control of the affected device.
7.3
Haute
CVE-2023-20043 2023-01-19 01h36 +00:00 A vulnerability in Cisco CX Cloud Agent of could allow an authenticated, local attacker to elevate their privileges. This vulnerability is due to insecure file permissions. An attacker could exploit this vulnerability by calling the script with sudo. A successful exploit could allow the attacker to take complete control of the affected device.
6.7
Moyen
CVE-2022-22965 2022-04-01 22h17 +00:00 A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.
9.8
Critique