Vulnerabilities > Cisco > Finesse > 11.5.1

DATE CVE VULNERABILITY TITLE RISK
2018-07-18 CVE-2018-0398 Server-Side Request Forgery (SSRF) vulnerability in Cisco Finesse 11.5(1)
Multiple vulnerabilities in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a server-side request forgery (SSRF) attack.
network
low complexity
cisco CWE-918
critical
 9.8
9.8
2018-06-07 CVE-2017-6779 Resource Exhaustion vulnerability in Cisco products
Multiple Cisco products are affected by a vulnerability in local file management for certain system log files of Cisco collaboration products that could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition.
network
low complexity
cisco CWE-400
7.5
7.5
2017-10-19 CVE-2017-12288 Cross-site Scripting vulnerability in Cisco Finesse 11.5(1)
A vulnerability in the web-based management interface of Cisco Unified Contact Center Express could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of an affected device.
network
low complexity
cisco CWE-79
6.1
6.1
2017-08-07 CVE-2017-6761 Cross-site Scripting vulnerability in Cisco Finesse 10.6(1)/11.5(1)
A vulnerability in the web-based management interface of Cisco Finesse 10.6(1) and 11.5(1) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.
network
low complexity
cisco CWE-79
6.1
6.1