Vulnerabilities > Cisco > Unified Intelligence Center > 11.0.1.es10

DATE CVE VULNERABILITY TITLE RISK
2023-03-03 CVE-2023-20061 Exposure of Resource to Wrong Sphere vulnerability in Cisco products
Multiple vulnerabilities in Cisco Unified Intelligence Center could allow an authenticated, remote attacker to collect sensitive information or perform a server-side request forgery (SSRF) attack on an affected system.
network
low complexity
cisco CWE-668
6.5
6.5
2023-03-03 CVE-2023-20062 Server-Side Request Forgery (SSRF) vulnerability in Cisco products
Multiple vulnerabilities in Cisco Unified Intelligence Center could allow an authenticated, remote attacker to collect sensitive information or perform a server-side request forgery (SSRF) attack on an affected system.
network
low complexity
cisco CWE-918
4.3
4.3
2023-01-20 CVE-2023-20058 Cross-site Scripting vulnerability in Cisco products
A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input.
network
low complexity
cisco CWE-79
6.1
6.1
2017-09-07 CVE-2017-6789 Cross-site Scripting vulnerability in Cisco Unified Intelligence Center 11.0(1)Es10
A vulnerability in the Cisco Unified Intelligence Center web interface could allow an unauthenticated, remote attacker to impact the integrity of the system by executing a Document Object Model (DOM)-based, environment or client-side cross-site scripting (XSS) attack.
network
cisco CWE-79
4.3
4.3