CVE-2016-6427
Description
Cross-site request forgery (CSRF) vulnerability in Cisco Unified Intelligence Center (CUIC) 8.5.4 through 9.1(1), as used in Unified Contact Center Express 10.0(1) through 11.0(1), allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCuy75036 and CSCuy81654.
Risk Information
Base Score
8.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.129
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Cisco Unified Intelligence Center (CUIC) Software Cross-Site Request Forgery Vulnerability For Cisco Unified Contact Center Express | NCM |
| Cisco Unified Intelligence Center (CUIC) Software Cross-Site Request Forgery Vulnerability For Cisco Unified Intelligence Center | NCM |
| Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2016-6427) | NCM |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-1706052 | Security Update for Cisco Unified Contact Center Express 11.6(1) |
| PATCH-1705886 | Security Update for Cisco Unified Intelligence Center 11.5(0.98000.126) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234