Vulnerabilities (CVE)

Filtered by vendor Cisco Subscribe

Filtered by product Finesse

Total 25 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2016-6442	1 Cisco	1 Finesse	2017-07-29	6.8 MEDIUM	8.8 HIGH
A vulnerability in Cisco Finesse Agent and Supervisor Desktop Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against the user of the web interface. More Information: CSCvb57213. Known Affected Releases: 11.0(1).
CVE-2015-4310	1 Cisco	1 Finesse	2017-01-04	4.3 MEDIUM	N/A
Multiple cross-site scripting (XSS) vulnerabilities in Cisco Finesse 10.5(1) allow remote attackers to inject arbitrary web script or HTML via unspecified parameters in a (1) GET or (2) POST request, aka Bug IDs CSCuq82322, CSCut95853, and CSCuq73975.
CVE-2015-0754	1 Cisco	1 Finesse	2017-01-04	7.5 HIGH	N/A
Cisco Finesse 10.5(1) allows remote authenticated users to obtain sensitive information or cause a denial of service (CPU and memory consumption) via a crafted XML document, aka Bug ID CSCut95810.
CVE-2016-1373	1 Cisco	1 Finesse	2016-12-01	5.0 MEDIUM	8.6 HIGH
The gadgets-integration API in Cisco Finesse 8.5(1) through 8.5(5), 8.6(1), 9.0(1), 9.0(2), 9.1(1), 9.1(1)SU1, 9.1(1)SU1.1, 9.1(1)ES1 through 9.1(1)ES5, 10.0(1), 10.0(1)SU1, 10.0(1)SU1.1, 10.5(1), 10.5(1)ES1 through 10.5(1)ES4, 10.5(1)SU1, 10.5(1)SU1.1, 10.5(1)SU1.7, 10.6(1), 10.6(1)SU1, 10.6(1)SU2, and 11.0(1) allows remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted request, aka Bug ID CSCuw86623.
CVE-2015-0714	1 Cisco	1 Finesse	2015-09-10	4.3 MEDIUM	N/A
Multiple cross-site scripting (XSS) vulnerabilities in Cisco Finesse Server 10.0(1), 10.5(1), 10.6(1), and 11.0(1) allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCut53595.