CVE-2021-1599 – A vulnerability in the web-based management interface of Cisco Unified Customer Voice Port …

22 July 2021

Vuln ID: CVE-2021-1599

Published: 2021-07-22 16:15:08Z

Description: A vulnerability in the web-based management interface of Cisco Unified Customer Voice Portal (CVP) could allow an authenticated, remote attacker to perform a cross-site scripting (XSS) attack against a user. This vulnerability is due to insufficient input validation of a parameter that is used by the web-based management interface. An attacker could exploit this vulnerability by persuading a user to click a malicious link. A successful exploit could allow the attacker to execute arbitrary code in the context of the interface, access sensitive, browser-based information, or cause an affected device to reboot under certain conditions.

Source: NVD.NIST.GOV

Date:

22 July 2021

Categorie(s):

NVD

Tag(s):

NVD

Governments issue alerts after ‘sophisticated’ state-backed actor found exploiting flaws in Cisco security boxes24 April 2024
Smashing Security podcast #369: Keeping the lights on after a ransomware attack24 April 2024
5G Hackathons – Casey Ellis – BTS #2824 April 2024
CoralRaider leverages CDN cache domains in new infostealer campaign24 April 2024
Shouldn’t Teams, Zoom, Slack all interoperate securely for the Feds? Wyden is asking24 April 2024