CVE-2017-6722
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) service of Cisco Unified Contact Center Express (UCCx) could allow an unauthenticated, remote attacker to masquerade as a legitimate user, aka a Clear Text Authentication Vulnerability. More Information: CSCuw86638. Known Affected Releases: 10.6(1). Known Fixed Releases: 11.5(1.10000.61).
Una vulnerabilidad en el servicio Extensible Messaging and Presence Protocol (XMPP) de Unified Contact Center Express (UCCx) de Cisco, podría permitir a un atacante remoto no identificado hacerse pasar por un usuario legítimo, también se conoce como una Vulnerabilidad de Autenticación de Texto Sin Cifrar. Más información: CSCuw86638. Versiones Afectadas Conocidas: 10.6(1). Versiones Fijas Conocidas: 11.5(1.10000.61).
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-03-09 CVE Reserved
- 2017-07-04 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-287: Improper Authentication
CAPEC
References (3)
URL | Tag | Source |
---|---|---|
http://www.securityfocus.com/bid/99201 | Third Party Advisory | |
http://www.securitytracker.com/id/1038749 | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-ucce | 2017-07-07 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Cisco Search vendor "Cisco" | Unified Contact Center Express Search vendor "Cisco" for product "Unified Contact Center Express" | 11.5\(1\) Search vendor "Cisco" for product "Unified Contact Center Express" and version "11.5\(1\)" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Unified Contact Center Express Search vendor "Cisco" for product "Unified Contact Center Express" | 11.5.1es01 Search vendor "Cisco" for product "Unified Contact Center Express" and version "11.5.1es01" | - |
Affected
| ||||||
Cisco Search vendor "Cisco" | Unified Contact Center Express Search vendor "Cisco" for product "Unified Contact Center Express" | 11.5.1su1 Search vendor "Cisco" for product "Unified Contact Center Express" and version "11.5.1su1" | - |
Affected
|