Vulnerabilities > Cisco > Unified IP Interactive Voice Response > 11.5.1

DATE CVE VULNERABILITY TITLE RISK
2018-07-18 CVE-2018-0403 Server-Side Request Forgery (SSRF) vulnerability in Cisco products
Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to retrieve a cleartext password.
network
low complexity
cisco CWE-918
critical
 9.8
9.8
2018-07-18 CVE-2018-0402 Cross-Site Request Forgery (CSRF) vulnerability in Cisco products
Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack.
network
low complexity
cisco CWE-352
8.8
8.8
2018-07-18 CVE-2018-0401 Cross-site Scripting vulnerability in Cisco products
Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface.
network
low complexity
cisco CWE-79
6.1
6.1
2018-07-18 CVE-2018-0400 Cross-site Scripting vulnerability in Cisco products
Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface.
network
low complexity
cisco CWE-79
6.1
6.1