Vulnerabilities > Cisco > Unified Intelligence Center > 12.0.1

DATE CVE VULNERABILITY TITLE RISK
2023-03-03 CVE-2023-20061 Exposure of Resource to Wrong Sphere vulnerability in Cisco products
Multiple vulnerabilities in Cisco Unified Intelligence Center could allow an authenticated, remote attacker to collect sensitive information or perform a server-side request forgery (SSRF) attack on an affected system.
network
low complexity
cisco CWE-668
6.5
6.5
2023-03-03 CVE-2023-20062 Server-Side Request Forgery (SSRF) vulnerability in Cisco products
Multiple vulnerabilities in Cisco Unified Intelligence Center could allow an authenticated, remote attacker to collect sensitive information or perform a server-side request forgery (SSRF) attack on an affected system.
network
low complexity
cisco CWE-918
4.3
4.3
2023-01-20 CVE-2023-20058 Cross-site Scripting vulnerability in Cisco products
A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input.
network
low complexity
cisco CWE-79
6.1
6.1
2019-05-16 CVE-2019-1860 Resource Injection vulnerability in Cisco Unified Intelligence Center 12.0(1)
A vulnerability in the dashboard gadget rendering of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to obtain or manipulate sensitive information between a user’s browser and Cisco Unified Intelligence Center.
network
high complexity
cisco CWE-99
5.9
5.9