Description
A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker to load arbitrary files from remote locations into an active user session on an affected device, possibly leading to browser-based attacks. This vulnerability is due to insufficient validation of user-supplied input for HTTP requests that are sent to an affected device. An attacker who has knowledge of the address of the affected device could exploit this vulnerability by persuading a user to click a crafted link that contains the affected device address. A successful exploit could allow the attacker to conduct browser-based attacks and execute arbitrary script code in the context of the affected interface or access sensitive information on the affected device.
CVSS breakdown
Affected products
- Cisco / Cisco Finesse11.0(1)ES_Rollback – 11.0(1)ES_Rollback
- Cisco / Cisco Finesse10.5(1)ES4 – 10.5(1)ES4
- Cisco / Cisco Finesse11.6(1)ES3 – 11.6(1)ES3
- Cisco / Cisco Finesse11.0(1)ES2 – 11.0(1)ES2
- Cisco / Cisco Finesse12.0(1)ES2 – 12.0(1)ES2
- Cisco / Cisco Finesse10.5(1)ES3 – 10.5(1)ES3
- Cisco / Cisco Finesse11.0(1) – 11.0(1)
- Cisco / Cisco Finesse11.6(1)FIPS – 11.6(1)FIPS
- Cisco / Cisco Finesse11.6(1)ES4 – 11.6(1)ES4
- Cisco / Cisco Finesse11.0(1)ES3 – 11.0(1)ES3
- Cisco / Cisco Finesse10.5(1)ES6 – 10.5(1)ES6
- Cisco / Cisco Finesse11.0(1)ES7 – 11.0(1)ES7
- Cisco / Cisco Finesse11.5(1)ES4 – 11.5(1)ES4
- Cisco / Cisco Finesse10.5(1)ES8 – 10.5(1)ES8
- Cisco / Cisco Finesse11.5(1) – 11.5(1)
- Cisco / Cisco Finesse11.6(1) – 11.6(1)
- Cisco / Cisco Finesse10.5(1)ES10 – 10.5(1)ES10
- Cisco / Cisco Finesse11.6(1)ES2 – 11.6(1)ES2
- Cisco / Cisco Finesse11.6(1)ES – 11.6(1)ES
- Cisco / Cisco Finesse11.0(1)ES6 – 11.0(1)ES6
- Cisco / Cisco Finesse11.0(1)ES4 – 11.0(1)ES4
- Cisco / Cisco Finesse12.0(1) – 12.0(1)
- Cisco / Cisco Finesse11.6(1)ES7 – 11.6(1)ES7
- Cisco / Cisco Finesse10.5(1)ES7 – 10.5(1)ES7
- Cisco / Cisco Finesse11.6(1)ES8 – 11.6(1)ES8
- Cisco / Cisco Finesse11.5(1)ES1 – 11.5(1)ES1
- Cisco / Cisco Finesse11.6(1)ES1 – 11.6(1)ES1
- Cisco / Cisco Finesse11.5(1)ES5 – 11.5(1)ES5
- Cisco / Cisco Finesse11.0(1)ES1 – 11.0(1)ES1
- Cisco / Cisco Finesse10.5(1) – 10.5(1)
- Cisco / Cisco Finesse11.6(1)ES6 – 11.6(1)ES6
- Cisco / Cisco Finesse10.5(1)ES2 – 10.5(1)ES2
- Cisco / Cisco Finesse12.0(1)ES1 – 12.0(1)ES1
- Cisco / Cisco Finesse11.0(1)ES5 – 11.0(1)ES5
- Cisco / Cisco Finesse10.5(1)ES5 – 10.5(1)ES5
- Cisco / Cisco Finesse11.5(1)ES3 – 11.5(1)ES3
- Cisco / Cisco Finesse11.5(1)ES2 – 11.5(1)ES2
- Cisco / Cisco Finesse10.5(1)ES9 – 10.5(1)ES9
- Cisco / Cisco Finesse11.6(1)ES5 – 11.6(1)ES5
- Cisco / Cisco Finesse11.6(1)ES9 – 11.6(1)ES9
- Cisco / Cisco Finesse11.5(1)ES6 – 11.5(1)ES6
- Cisco / Cisco Finesse10.5(1)ES1 – 10.5(1)ES1
- Cisco / Cisco Finesse12.5(1) – 12.5(1)
- Cisco / Cisco Finesse12.0(1)ES3 – 12.0(1)ES3
- Cisco / Cisco Finesse11.6(1)ES10 – 11.6(1)ES10
- Cisco / Cisco Finesse12.5(1)ES1 – 12.5(1)ES1
- Cisco / Cisco Finesse12.5(1)ES2 – 12.5(1)ES2
- Cisco / Cisco Finesse12.0(1)ES4 – 12.0(1)ES4
- Cisco / Cisco Finesse12.5(1)ES3 – 12.5(1)ES3
- Cisco / Cisco Finesse12.0(1)ES5 – 12.0(1)ES5
- Cisco / Cisco Finesse12.5(1)ES4 – 12.5(1)ES4
- Cisco / Cisco Finesse12.0(1)ES6 – 12.0(1)ES6
- Cisco / Cisco Finesse12.5(1)ES5 – 12.5(1)ES5
- Cisco / Cisco Finesse12.5(1)ES6 – 12.5(1)ES6
- Cisco / Cisco Finesse12.0(1)ES7 – 12.0(1)ES7
- Cisco / Cisco Finesse12.6(1) – 12.6(1)
- Cisco / Cisco Finesse12.5(1)ES7 – 12.5(1)ES7
- Cisco / Cisco Finesse11.6(1)ES11 – 11.6(1)ES11
- Cisco / Cisco Finesse12.6(1)ES1 – 12.6(1)ES1
- Cisco / Cisco Finesse12.0(1)ES8 – 12.0(1)ES8
- Cisco / Cisco Finesse12.5(1)ES8 – 12.5(1)ES8
- Cisco / Cisco Finesse12.6(1)ES2 – 12.6(1)ES2
- Cisco / Cisco Finesse12.6(1)ES3 – 12.6(1)ES3
- Cisco / Cisco Finesse12.6(1)ES4 – 12.6(1)ES4
- Cisco / Cisco Finesse12.6(1)ES5 – 12.6(1)ES5
- Cisco / Cisco Finesse12.5(2) – 12.5(2)
- Cisco / Cisco Finesse12.5(1)_SU – 12.5(1)_SU
- Cisco / Cisco Finesse12.5(1)SU – 12.5(1)SU
- Cisco / Cisco Finesse12.6(1)ES6 – 12.6(1)ES6
- Cisco / Cisco Finesse12.5(1)SU ES1 – 12.5(1)SU ES1
- Cisco / Cisco Finesse12.6(1)ES7 – 12.6(1)ES7
- Cisco / Cisco Finesse12.6(1)ES7_ET – 12.6(1)ES7_ET
- Cisco / Cisco Finesse12.6(2) – 12.6(2)
- Cisco / Cisco Finesse12.6(1)ES8 – 12.6(1)ES8
- Cisco / Cisco Finesse12.6(1)ES9 – 12.6(1)ES9
- Cisco / Cisco Finesse12.6(2)ES1 – 12.6(2)ES1
- Cisco / Cisco Finesse12.6(1)ES10 – 12.6(1)ES10
- Cisco / Cisco Finesse12.5(1)SU ES2 – 12.5(1)SU ES2
- Cisco / Cisco Finesse12.6(1)ES11 – 12.6(1)ES11
- Cisco / Cisco Finesse12.6(2)ES2 – 12.6(2)ES2
- Cisco / Cisco Finesse12.6(2)ES3 – 12.6(2)ES3
- Cisco / Cisco Finesse12.5(1)SU ES3 – 12.5(1)SU ES3
- Cisco / Cisco Finesse12.6(2)ES4 – 12.6(2)ES4
- Cisco / Cisco Finesse12.6(2)ES5 – 12.6(2)ES5
- Cisco / Cisco Finesse15.0(1) – 15.0(1)
- Cisco / Cisco Finesse12.6(2)ES6 – 12.6(2)ES6
- Cisco / Cisco Finesse15.0(1)ES202508 – 15.0(1)ES202508
- Cisco / Cisco Finesse15.0(1)ES202511 – 15.0(1)ES202511
- Cisco / Cisco Finesse15.0(1)ES202602 – 15.0(1)ES202602
- Cisco / Cisco Finesse15.0(1)SU1 – 15.0(1)SU1
- Cisco / Cisco Finesse12.6(2)ES7 – 12.6(2)ES7