CVE-2021-1245

Multiple vulnerabilities in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack and obtain potentially confidential information by leveraging a flaw in the authentication mechanism. For more information about these vulnerabilities, see the Details section of this advisory.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:cisco:finesse:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:finesse:12.0\(1\):-:*:*:*:*:*:*
cpe:2.3:a:cisco:finesse:12.0\(1\):es1:*:*:*:*:*:*
cpe:2.3:a:cisco:finesse:12.0\(1\):es2:*:*:*:*:*:*
cpe:2.3:a:cisco:finesse:12.0\(1\):es3:*:*:*:*:*:*
cpe:2.3:a:cisco:finesse:12.0\(1\):es4:*:*:*:*:*:*
cpe:2.3:a:cisco:finesse:12.0\(1\):es5:*:*:*:*:*:*
cpe:2.3:a:cisco:finesse:12.5\(1\):-:*:*:*:*:*:*
cpe:2.3:a:cisco:finesse:12.5\(1\):es1:*:*:*:*:*:*
cpe:2.3:a:cisco:finesse:12.5\(1\):es2:*:*:*:*:*:*
cpe:2.3:a:cisco:finesse:12.5\(1\):es3:*:*:*:*:*:*
cpe:2.3:a:cisco:finesse:12.5\(1\):es4:*:*:*:*:*:*

Information

Published : 2021-01-13 14:15

Updated : 2021-01-20 08:52


NVD link : CVE-2021-1245

Mitre link : CVE-2021-1245


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

cisco

  • finesse