Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ciscoCiscoCISCO-SA-MULTI-VULN-FINESSE-QP6GBUO2
HistoryJan 13, 2021 - 4:00 p.m.

Multiple Cisco Products OpenSocial Gadget Editor Vulnerabilities

2021-01-1316:00:00
tools.cisco.com
36
cisco
finesse
virtualized voice browser
opensocial gadget editor
vulnerabilities
cross-site scripting
authentication flaw
software updates

AI Score

6.4

Confidence

High

EPSS

0.002

Percentile

51.5%

JSON

Multiple vulnerabilities in the web-based management interface of Cisco Finesse, Cisco Virtualized Voice Browser, and Cisco Unified Customer Voice Portal (CVP) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack and obtain potentially confidential information by leveraging a flaw in the authentication mechanism.

For more information about these vulnerabilities, see the Details [“#details”] section of this advisory.

Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-multi-vuln-finesse-qp6gbUO2 [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-multi-vuln-finesse-qp6gbUO2”]

Affected configurations

Vulners
Node
ciscounified_customer_voice_portalMatchany
OR
ciscofinesseMatchany
OR
ciscovirtualized_voice_browserMatchany
OR
ciscounified_customer_voice_portalMatchany
OR
ciscofinesseMatchany
OR
ciscovirtualized_voice_browserMatchany
VendorProductVersionCPE
ciscounified_customer_voice_portalanycpe:2.3:a:cisco:unified_customer_voice_portal:any:*:*:*:*:*:*:*
ciscofinesseanycpe:2.3:a:cisco:finesse:any:*:*:*:*:*:*:*
ciscovirtualized_voice_browseranycpe:2.3:a:cisco:virtualized_voice_browser:any:*:*:*:*:*:*:*

Related

prion 2
vulnrichment 2
nvd 2
cve 2
cvelist 2
prion
prion
Cross site scripting
2021-01-13 22:15:00
Cross site scripting
2021-01-13 22:15:00
vulnrichment
vulnrichment
CVE-2021-1245 Cisco Finesse OpenSocial Gadget Editor Cross-Site Scripting Vulnerability
2021-01-13 21:17:38
CVE-2021-1246 Cisco Finesse OpenSocial Gadget Editor Unauthenticated Access Vulnerability
2021-01-13 21:17:33
nvd
nvd
CVE-2021-1245
2021-01-13 22:15:21
CVE-2021-1246
2021-01-13 22:15:21
cve
cve
CVE-2021-1245
2021-01-13 22:15:21
CVE-2021-1246
2021-01-13 22:15:21
cvelist
cvelist
CVE-2021-1246 Cisco Finesse OpenSocial Gadget Editor Unauthenticated Access Vulnerability
2021-01-13 21:17:33
CVE-2021-1245 Cisco Finesse OpenSocial Gadget Editor Cross-Site Scripting Vulnerability
2021-01-13 21:17:38

AI Score

6.4

Confidence

High

EPSS

0.002

Percentile

51.5%

JSON
Related for CISCO-SA-MULTI-VULN-FINESSE-QP6GBUO2
prion2vulnrichment2nvd2cve2cvelist2