Cisco Unified Intelligence Center server-side request forgery | CVE-2023-20062
NAME
__________
Cisco Unified Intelligence Center server-side request forgery
Platforms Affected:
Cisco Unified Contact Center Enterprise
Cisco Unified Contact Center Express
Cisco Unified Intelligence Center (CUIC)
Cisco Packaged Contact Center Enterprise
Risk Level:
5
Exploitability:
Unproven
Consequences:
Obtain Information
DESCRIPTION
__________
Cisco Unified Intelligence Center is vulnerable to server-side request forgery, caused by improper input validation for specific HTTP requests. By sending a specially-crafted HTTP request, an attacker could exploit this vulnerability to conduct SSRF attack to send arbitrary network requests.
CVSS 3.0 Information
__________
Privileges Required:
Low
User Interaction:
None
Scope:
Changed
Access Vector:
Network
A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.
If you like the site, please support us on Patreon using the button below
To keep up to date follow us on the below channels.
