漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
漏洞
Cisco Unified Contact Center Express Editor Authentication Bypass Vulnerability
漏洞信息
A vulnerability in the Contact Center Express (CCX) Editor application of Cisco Unified CCX could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative permissions pertaining to script creation and execution. This vulnerability is due to improper authentication mechanisms in the communication between the CCX Editor and an affected Unified CCX server. An attacker could exploit this vulnerability by redirecting the authentication flow to a malicious server and tricking the CCX Editor into believing the authentication was successful. A successful exploit could allow the attacker to create and execute arbitrary scripts on the underlying operating system of an affected Unified CCX server, as an internal non-root user account.
漏洞信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
漏洞
关键功能的认证机制缺失
漏洞
Cisco Unified Contact Center Express 访问控制错误漏洞
漏洞信息
Cisco Unified Contact Center Express(Unified CCX)是美国思科(Cisco)公司的一款统一通信解决方案中的客户关系管理组件。该组件支持自助语音服务、呼叫分配和客户访问控制等功能。 Cisco Unified Contact Center Express(Unified CCX)存在访问控制错误漏洞,该漏洞源于身份验证机制不当,可能导致未经身份验证的攻击者绕过身份验证并获得管理权限。
漏洞信息
N/A
漏洞
N/A