Multiple vulnerabilities in the web-based management interface of Cisco Packaged Contact Center Enterprise could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface or conduct a cross-site request forgery (CSRF) attack.
For more information about these vulnerabilities, see the Details section of this security advisory.
There are no workarounds that address these vulnerabilities.
This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-pcce
Security Impact Rating: Medium
CVE: CVE-2018-0444,CVE-2018-0445
from Cisco Security Advisory https://ift.tt/2wINDyU
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.