Vulnerabilities > Cisco > Unified IP Interactive Voice Response > High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-09-23	CVE-2019-1888	Unrestricted Upload of File with Dangerous Type vulnerability in Cisco products A vulnerability in the Administration Web Interface of Cisco Unified Contact Center Express (Unified CCX) could allow an authenticated, remote attacker to upload arbitrary files and execute commands on the underlying operating system. network low complexity cisco CWE-434	7.2
2018-07-18	CVE-2018-0402	Cross-Site Request Forgery (CSRF) vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack. network low complexity cisco CWE-352	8.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.