fkie_cve-2016-1439
Vulnerability from fkie_nvd
Published
2016-06-23 00:59
Modified
2025-04-12 10:46
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in the management interface in Cisco Unified Contact Center Enterprise through 10.5(2) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCux59650.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:4.6\\(2\\):sr1:*:*:*:*:*:*", "matchCriteriaId": "E7479E94-6941-47BF-B58C-48DA0ABA9C0E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:4.6\\(2\\):sr2:*:*:*:*:*:*", "matchCriteriaId": "0069B7BF-7E8C-403E-A820-3F93A500DD51", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:4.6\\(2\\):sr3:*:*:*:*:*:*", "matchCriteriaId": "99D22E90-551F-467C-B7DB-10807269AF2E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:4.6\\(2\\):sr4:*:*:*:*:*:*", "matchCriteriaId": "B206376C-B7AD-4794-9EF9-DE20FF6BF7E4", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:4.6\\(2\\):sr5:*:*:*:*:*:*", "matchCriteriaId": "AAAFDAF7-6951-41C1-8B09-7A949CEE2383", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:4.6\\(2\\):sr6:*:*:*:*:*:*", "matchCriteriaId": "A6A9CC97-8F31-44AB-829F-D3BE49BDBF3B", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:4.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "14528A7C-B832-475F-A4B7-A9868743DA43", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:5.0\\(0\\):*:*:*:*:*:*:*", "matchCriteriaId": "1E8D2BD9-9D9D-4ABD-AAEA-3D8E51354AFA", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:5.0\\(0\\):sr10:*:*:*:*:*:*", "matchCriteriaId": "313DBC88-A1ED-476B-872F-C26A95E0C25E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:5.0\\(0\\):sr11:*:*:*:*:*:*", "matchCriteriaId": "B17BB1B7-9A55-4B13-98C2-923B6C980C6B", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:5.0\\(0\\):sr12:*:*:*:*:*:*", "matchCriteriaId": "FE730E25-75B9-42E7-A0DA-95A5E6AFA04F", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:5.0\\(0\\):sr13:*:*:*:*:*:*", "matchCriteriaId": "D5C108BF-7B1F-4A88-BCBA-26E4B09EA251", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:5.0\\(0\\):sr2:*:*:*:*:*:*", "matchCriteriaId": "CDA5EAC9-AD6D-4F2C-BCB2-E8FA7AFC2944", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:5.0\\(0\\):sr3:*:*:*:*:*:*", "matchCriteriaId": "6DCC19EC-E9AF-4BE0-B2F9-BBAC573B9161", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:5.0\\(0\\):sr4:*:*:*:*:*:*", "matchCriteriaId": "6F50C2C2-7745-4364-A7EA-1AAEEE134304", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:5.0\\(0\\):sr5:*:*:*:*:*:*", "matchCriteriaId": "3B6FA206-35E4-4A90-B78A-94478EB3A97A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:5.0\\(0\\):sr7:*:*:*:*:*:*", "matchCriteriaId": "DA7A42AF-500C-491D-98C7-D61F9020784F", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:5.0\\(0\\):sr8:*:*:*:*:*:*", "matchCriteriaId": "2C65714F-1FD1-45D1-980E-4E45CBE427A2", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:5.0\\(0\\):sr9:*:*:*:*:*:*", "matchCriteriaId": "063534B0-ECB3-4ACF-9E0A-EE9ABF98C70C", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:6.0\\(0\\):sr1:*:*:*:*:*:*", "matchCriteriaId": "D3D58D63-B3E2-423E-B708-F909E3A7245B", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:6.0\\(0\\):sr10:*:*:*:*:*:*", "matchCriteriaId": "3BDE7ED5-2479-4571-8921-544794738C39", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:6.0\\(0\\):sr11:*:*:*:*:*:*", "matchCriteriaId": "D20AEFBB-D4B6-40D4-9F5D-A5823F3ED53A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:6.0\\(0\\):sr12:*:*:*:*:*:*", "matchCriteriaId": "E3BC0486-954B-4BCB-BC7A-F968F4B757C2", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:6.0\\(0\\):sr2:*:*:*:*:*:*", "matchCriteriaId": "6352955F-BD2C-4999-91D2-B34CF3F44436", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:6.0\\(0\\):sr3:*:*:*:*:*:*", "matchCriteriaId": "48C5ED18-DE61-4F24-AF6A-EA6C8B09A822", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:6.0\\(0\\):sr4:*:*:*:*:*:*", "matchCriteriaId": "7F6E28F2-4FA6-4CC3-9C8D-298DAF894547", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:6.0\\(0\\):sr5:*:*:*:*:*:*", "matchCriteriaId": "2206BB99-F76C-4D89-8B1B-A58E0B60DC19", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:6.0\\(0\\):sr6:*:*:*:*:*:*", "matchCriteriaId": "0176D18E-7CD8-46A8-A5C5-C090855985AD", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:6.0\\(0\\):sr7:*:*:*:*:*:*", "matchCriteriaId": "9DF4EC9A-9822-4484-BC9E-8D593BE8CF82", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:6.0\\(0\\):sr8:*:*:*:*:*:*", "matchCriteriaId": "3C5BDE6E-FF4A-480E-9A0D-5F020B81F765", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:6.0\\(0\\):sr9:*:*:*:*:*:*", "matchCriteriaId": "A80FA546-3758-4094-BF13-2D7457A069BC", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.0\\(0\\):sr1:*:*:*:*:*:*", "matchCriteriaId": "6825BA64-3C8E-4FD7-A926-21BC6ABAD208", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.0\\(0\\):sr2:*:*:*:*:*:*", "matchCriteriaId": "9A091A29-F614-4D90-A4EC-549D49AF6671", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.0\\(0\\):sr3:*:*:*:*:*:*", "matchCriteriaId": "51B28919-D8B9-4DC5-BBA5-EDF5F521B44D", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.0\\(0\\):sr4:*:*:*:*:*:*", "matchCriteriaId": "3FD133BC-F5C9-405D-BC0E-B63735EE8DA7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.1\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "CBE2F387-58FF-4D11-840E-32F78CA8D6A9", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.1\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "746C8DAB-A31B-4C34-9DD6-A7D7965C650B", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.1\\(4\\):*:*:*:*:*:*:*", "matchCriteriaId": "1C2C272E-3D96-4532-BC2C-CAF72C5257CD", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.1\\(5\\):*:*:*:*:*:*:*", "matchCriteriaId": "B5AE16C9-6712-4964-B32E-3D5BE09B19ED", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "CCDCD1C8-BE0C-4158-83CF-91B6E9F96C17", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.2\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "F760C563-7F86-49E3-93BC-DA773E60FD5E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.2\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "BED52C67-172E-4DF7-89D3-2A21B5F0F229", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.2\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "40A108B8-C9C9-468E-BA71-5C7BA3068B0E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.2\\(4\\):*:*:*:*:*:*:*", "matchCriteriaId": "B981CBC7-9EAD-4165-8598-B475C97B76B5", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.2\\(5\\):*:*:*:*:*:*:*", "matchCriteriaId": "208B4C22-B606-4186-81E1-8049B3324C13", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.2\\(6\\):*:*:*:*:*:*:*", "matchCriteriaId": "59869B06-8BCC-4863-983A-855FD54746C2", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.2\\(7\\):*:*:*:*:*:*:*", "matchCriteriaId": "AB45170E-0952-4453-B32D-CA8A57F0A5AF", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.5\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "8C53BD51-2F26-4672-B0E8-269FBA8DE958", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.5\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "26C8838B-DDF7-46A9-816D-13743C28D6E8", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.5\\(4\\):*:*:*:*:*:*:*", "matchCriteriaId": "1BC2A7C9-8968-4ACB-A079-0F553A24BCE7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.5\\(5\\):*:*:*:*:*:*:*", "matchCriteriaId": "88C5E4AE-C173-4A62-8FA7-91748D3BA038", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.5\\(6\\):*:*:*:*:*:*:*", "matchCriteriaId": "01D23834-0F6C-47B9-9E17-BDBE184A3F79", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.5\\(7\\):*:*:*:*:*:*:*", "matchCriteriaId": "2798ED94-013F-4ADC-B359-8EB76472B508", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.5\\(8\\):*:*:*:*:*:*:*", "matchCriteriaId": "AF43F0A0-87E2-411C-9E69-8F5D50CBBF59", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.5\\(9\\):*:*:*:*:*:*:*", "matchCriteriaId": "E3937C3A-5820-4D03-8F28-3139EB5A1433", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.5\\(10\\):*:*:*:*:*:*:*", "matchCriteriaId": "49D8E519-946B-4522-A859-240292A5B5FC", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:8.0\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "28C9CC12-DF4C-43BA-827A-09AAB389915B", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:8.0\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "2DD1A7B8-77A0-40CE-BB65-338DBB420BB7", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:8.5\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "B84C3C62-6F72-4781-A6C2-2C14FCAEA9E6", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:8.5\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "D7FB82A9-29CF-4215-A3D7-D9417C905102", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:8.5\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "CBCCB6E8-F04D-43B5-9450-B728C6CF3632", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:8.5\\(4\\):*:*:*:*:*:*:*", "matchCriteriaId": "ACAD7EC3-74FE-405D-BDE9-3DB1DBAED814", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:9.0\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "BDD95F91-9154-453E-9FEB-D42569272C05", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:9.0\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "CBC62B80-7FD4-40E7-B564-5BAB86C9A3E0", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:9.0\\(4\\):*:*:*:*:*:*:*", "matchCriteriaId": "3959BC80-3414-44ED-8BF9-D875A3A2D080", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:10.0\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "2C069E2D-B050-4B40-A81F-80555FB7735D", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:10.0\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "D4712491-E1C1-48E4-A7AC-75464BB2F985", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:10.5\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "31797740-DAA5-44F6-8E23-EB2164D31AB1", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:10.5\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "DA09853A-9F2A-4662-800E-F6EA6D2CDC27", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross-site scripting (XSS) vulnerability in the management interface in Cisco Unified Contact Center Enterprise through 10.5(2) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCux59650." }, { "lang": "es", "value": "Vulnerabilidad de XSS en la interfaz de mantenimiento de Cisco Unified Contact Center Enterprise hasta la versi\u00f3n 10.5(2) permite a atacantes remotos inyectar c\u00f3digo web arbitrario o HTML a trav\u00e9s de de una URL manipulada, tambi\u00e9n conocido como Bug ID CSCux59650." } ], "id": "CVE-2016-1439", "lastModified": "2025-04-12T10:46:40.837", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2016-06-23T00:59:07.987", "references": [ { "source": "psirt@cisco.com", "tags": [ "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160622-ucce" }, { "source": "psirt@cisco.com", "url": "http://www.securitytracker.com/id/1036155" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160622-ucce" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1036155" } ], "sourceIdentifier": "psirt@cisco.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…