Improper input validation in Cisco Unified_contact_center_express

CVE-2011-2583

Cisco Unified Contact Center Express (aka CCX) 8.0 and 8.5 allows remote attackers to cause a denial of service via network traffic, as demonstrated by an SEC-BE-STABLE test case, aka Bug ID CSCth33834.

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.005 (67.8th percentile) — read the EPSS interpretation.

Affected products

Cisco Unified_contact_center_express — versions 8.0, 8.5
N/a — versions n/a

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

ccx-network-traffic-dos(75339) (vdb-entry, x_refsource_XF)
psirt@cisco.com (x_refsource_CONFIRM)
1027009 (vdb-entry, x_refsource_SECTRACK)