Vulnerabilities (CVE)

Filtered by vendor Cisco Subscribe

Filtered by product Finesse

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 5 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2013-3455	1 Cisco	1 Finesse	2017-08-29	5.0 MEDIUM	N/A
Cisco Finesse allows remote attackers to obtain sensitive information by sniffing the network for HTTP query data, aka Bug ID CSCug16732.
CVE-2013-3457	1 Cisco	1 Finesse	2017-08-29	5.0 MEDIUM	N/A
Absolute path traversal vulnerability in the web interface in Cisco Finesse allows remote attackers to read directory contents via a direct request to a directory URL, aka Bug ID CSCug16772.
CVE-2015-4310	1 Cisco	1 Finesse	2017-01-04	4.3 MEDIUM	N/A
Multiple cross-site scripting (XSS) vulnerabilities in Cisco Finesse 10.5(1) allow remote attackers to inject arbitrary web script or HTML via unspecified parameters in a (1) GET or (2) POST request, aka Bug IDs CSCuq82322, CSCut95853, and CSCuq73975.
CVE-2015-0754	1 Cisco	1 Finesse	2017-01-04	7.5 HIGH	N/A
Cisco Finesse 10.5(1) allows remote authenticated users to obtain sensitive information or cause a denial of service (CPU and memory consumption) via a crafted XML document, aka Bug ID CSCut95810.
CVE-2015-0714	1 Cisco	1 Finesse	2015-09-10	4.3 MEDIUM	N/A
Multiple cross-site scripting (XSS) vulnerabilities in Cisco Finesse Server 10.0(1), 10.5(1), 10.6(1), and 11.0(1) allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCut53595.