Vulnerabilities > Cisco > Unified Contact Center Express

DATE CVE VULNERABILITY TITLE RISK
2012-05-02 CVE-2011-2583 Improper Input Validation vulnerability in Cisco Unified Contact Center Express 8.0/8.5
Cisco Unified Contact Center Express (aka CCX) 8.0 and 8.5 allows remote attackers to cause a denial of service via network traffic, as demonstrated by an SEC-BE-STABLE test case, aka Bug ID CSCth33834.
network
low complexity
cisco CWE-20
5.0
5.0
2010-06-10 CVE-2010-1571 Path Traversal vulnerability in Cisco products
Directory traversal vulnerability in the bootstrap service in Cisco Unified Contact Center Express (UCCX) 7.0 before 7.0(1)SR4 and 7.0(2), unspecified 6.0 versions, and 5.0 before 5.0(2)SR3 allows remote attackers to read arbitrary files via a crafted bootstrap message to TCP port 6295.
network
low complexity
cisco CWE-22
7.8
7.8
2010-06-10 CVE-2010-1570 Denial of Service vulnerability in Cisco products
The computer telephony integration (CTI) server component in Cisco Unified Contact Center Express (UCCX) 7.0 before 7.0(1)SR4 and 7.0(2), 6.0 before 6.0(1)SR1, and 5.0 before 5.0(2)SR3 allows remote attackers to cause a denial of service (CTI server and Node Manager failure) via a malformed CTI message.
network
low complexity
cisco
7.8
7.8