Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to retrieve a cleartext password. Cisco Bug IDs: CSCvg71040.
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Cisco Unified Contact Center Express 信息泄露漏洞
Vulnerability Description
Cisco Unified Contact Center Express(Unified CCX)是美国思科(Cisco)公司的一款统一通信解决方案中的客户关系管理组件。该组件集坐席应用和自助语音服务于一身,并提供呼叫分配、客户访问控制等功能。 Cisco Unified CCX中基于Web的管理界面存在信息泄露漏洞,该漏洞源于程序将内部数据库中之前存储的密码预填充到password字段中。远程攻击者可通过查看受影响登录表单利用该漏洞检索明文密码。
CVSS Information
N/A
Vulnerability Type
N/A