{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-06-22T00:00:00", "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in the management interface in Cisco Unified Contact Center Enterprise through 10.5(2) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCux59650."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-11-28T20:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20160622 Cisco Unified Contact Center Enterprise Web-Based Management Interface Cross-Site Scripting Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160622-ucce"}, {"name": "1036155", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1036155"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2016-1439", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cross-site scripting (XSS) vulnerability in the management interface in Cisco Unified Contact Center Enterprise through 10.5(2) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCux59650."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20160622 Cisco Unified Contact Center Enterprise Web-Based Management Interface Cross-Site Scripting Vulnerability", "refsource": "CISCO", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160622-ucce"}, {"name": "1036155", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036155"}]}}}}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2016-1439", "datePublished": "2016-06-23T00:00:00", "dateReserved": "2016-01-04T00:00:00", "dateUpdated": "2016-11-28T20:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:4.6\\(2\\):sr1:*:*:*:*:*:*", "matchCriteriaId": "E7479E94-6941-47BF-B58C-48DA0ABA9C0E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:4.6\\(2\\):sr2:*:*:*:*:*:*", "matchCriteriaId": "0069B7BF-7E8C-403E-A820-3F93A500DD51", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:4.6\\(2\\):sr3:*:*:*:*:*:*", "matchCriteriaId": "99D22E90-551F-467C-B7DB-10807269AF2E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:4.6\\(2\\):sr4:*:*:*:*:*:*", "matchCriteriaId": "B206376C-B7AD-4794-9EF9-DE20FF6BF7E4", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:4.6\\(2\\):sr5:*:*:*:*:*:*", "matchCriteriaId": "AAAFDAF7-6951-41C1-8B09-7A949CEE2383", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:4.6\\(2\\):sr6:*:*:*:*:*:*", "matchCriteriaId": "A6A9CC97-8F31-44AB-829F-D3BE49BDBF3B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:4.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "14528A7C-B832-475F-A4B7-A9868743DA43", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:5.0\\(0\\):*:*:*:*:*:*:*", "matchCriteriaId": "1E8D2BD9-9D9D-4ABD-AAEA-3D8E51354AFA", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:5.0\\(0\\):sr10:*:*:*:*:*:*", "matchCriteriaId": "313DBC88-A1ED-476B-872F-C26A95E0C25E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:5.0\\(0\\):sr11:*:*:*:*:*:*", "matchCriteriaId": "B17BB1B7-9A55-4B13-98C2-923B6C980C6B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:5.0\\(0\\):sr12:*:*:*:*:*:*", "matchCriteriaId": "FE730E25-75B9-42E7-A0DA-95A5E6AFA04F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:5.0\\(0\\):sr13:*:*:*:*:*:*", "matchCriteriaId": "D5C108BF-7B1F-4A88-BCBA-26E4B09EA251", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:5.0\\(0\\):sr2:*:*:*:*:*:*", "matchCriteriaId": "CDA5EAC9-AD6D-4F2C-BCB2-E8FA7AFC2944", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:5.0\\(0\\):sr3:*:*:*:*:*:*", "matchCriteriaId": "6DCC19EC-E9AF-4BE0-B2F9-BBAC573B9161", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:5.0\\(0\\):sr4:*:*:*:*:*:*", "matchCriteriaId": "6F50C2C2-7745-4364-A7EA-1AAEEE134304", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:5.0\\(0\\):sr5:*:*:*:*:*:*", "matchCriteriaId": "3B6FA206-35E4-4A90-B78A-94478EB3A97A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:5.0\\(0\\):sr7:*:*:*:*:*:*", "matchCriteriaId": "DA7A42AF-500C-491D-98C7-D61F9020784F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:5.0\\(0\\):sr8:*:*:*:*:*:*", "matchCriteriaId": "2C65714F-1FD1-45D1-980E-4E45CBE427A2", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:5.0\\(0\\):sr9:*:*:*:*:*:*", "matchCriteriaId": "063534B0-ECB3-4ACF-9E0A-EE9ABF98C70C", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:6.0\\(0\\):sr1:*:*:*:*:*:*", "matchCriteriaId": "D3D58D63-B3E2-423E-B708-F909E3A7245B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:6.0\\(0\\):sr10:*:*:*:*:*:*", "matchCriteriaId": "3BDE7ED5-2479-4571-8921-544794738C39", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:6.0\\(0\\):sr11:*:*:*:*:*:*", "matchCriteriaId": "D20AEFBB-D4B6-40D4-9F5D-A5823F3ED53A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:6.0\\(0\\):sr12:*:*:*:*:*:*", "matchCriteriaId": "E3BC0486-954B-4BCB-BC7A-F968F4B757C2", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:6.0\\(0\\):sr2:*:*:*:*:*:*", "matchCriteriaId": "6352955F-BD2C-4999-91D2-B34CF3F44436", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:6.0\\(0\\):sr3:*:*:*:*:*:*", "matchCriteriaId": "48C5ED18-DE61-4F24-AF6A-EA6C8B09A822", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:6.0\\(0\\):sr4:*:*:*:*:*:*", "matchCriteriaId": "7F6E28F2-4FA6-4CC3-9C8D-298DAF894547", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:6.0\\(0\\):sr5:*:*:*:*:*:*", "matchCriteriaId": "2206BB99-F76C-4D89-8B1B-A58E0B60DC19", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:6.0\\(0\\):sr6:*:*:*:*:*:*", "matchCriteriaId": "0176D18E-7CD8-46A8-A5C5-C090855985AD", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:6.0\\(0\\):sr7:*:*:*:*:*:*", "matchCriteriaId": "9DF4EC9A-9822-4484-BC9E-8D593BE8CF82", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:6.0\\(0\\):sr8:*:*:*:*:*:*", "matchCriteriaId": "3C5BDE6E-FF4A-480E-9A0D-5F020B81F765", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:6.0\\(0\\):sr9:*:*:*:*:*:*", "matchCriteriaId": "A80FA546-3758-4094-BF13-2D7457A069BC", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.0\\(0\\):sr1:*:*:*:*:*:*", "matchCriteriaId": "6825BA64-3C8E-4FD7-A926-21BC6ABAD208", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.0\\(0\\):sr2:*:*:*:*:*:*", "matchCriteriaId": "9A091A29-F614-4D90-A4EC-549D49AF6671", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.0\\(0\\):sr3:*:*:*:*:*:*", "matchCriteriaId": "51B28919-D8B9-4DC5-BBA5-EDF5F521B44D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.0\\(0\\):sr4:*:*:*:*:*:*", "matchCriteriaId": "3FD133BC-F5C9-405D-BC0E-B63735EE8DA7", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.1\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "CBE2F387-58FF-4D11-840E-32F78CA8D6A9", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.1\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "746C8DAB-A31B-4C34-9DD6-A7D7965C650B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.1\\(4\\):*:*:*:*:*:*:*", "matchCriteriaId": "1C2C272E-3D96-4532-BC2C-CAF72C5257CD", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.1\\(5\\):*:*:*:*:*:*:*", "matchCriteriaId": "B5AE16C9-6712-4964-B32E-3D5BE09B19ED", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "CCDCD1C8-BE0C-4158-83CF-91B6E9F96C17", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.2\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "F760C563-7F86-49E3-93BC-DA773E60FD5E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.2\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "BED52C67-172E-4DF7-89D3-2A21B5F0F229", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.2\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "40A108B8-C9C9-468E-BA71-5C7BA3068B0E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.2\\(4\\):*:*:*:*:*:*:*", "matchCriteriaId": "B981CBC7-9EAD-4165-8598-B475C97B76B5", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.2\\(5\\):*:*:*:*:*:*:*", "matchCriteriaId": "208B4C22-B606-4186-81E1-8049B3324C13", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.2\\(6\\):*:*:*:*:*:*:*", "matchCriteriaId": "59869B06-8BCC-4863-983A-855FD54746C2", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.2\\(7\\):*:*:*:*:*:*:*", "matchCriteriaId": "AB45170E-0952-4453-B32D-CA8A57F0A5AF", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.5\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "8C53BD51-2F26-4672-B0E8-269FBA8DE958", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.5\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "26C8838B-DDF7-46A9-816D-13743C28D6E8", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.5\\(4\\):*:*:*:*:*:*:*", "matchCriteriaId": "1BC2A7C9-8968-4ACB-A079-0F553A24BCE7", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.5\\(5\\):*:*:*:*:*:*:*", "matchCriteriaId": "88C5E4AE-C173-4A62-8FA7-91748D3BA038", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.5\\(6\\):*:*:*:*:*:*:*", "matchCriteriaId": "01D23834-0F6C-47B9-9E17-BDBE184A3F79", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.5\\(7\\):*:*:*:*:*:*:*", "matchCriteriaId": "2798ED94-013F-4ADC-B359-8EB76472B508", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.5\\(8\\):*:*:*:*:*:*:*", "matchCriteriaId": "AF43F0A0-87E2-411C-9E69-8F5D50CBBF59", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.5\\(9\\):*:*:*:*:*:*:*", "matchCriteriaId": "E3937C3A-5820-4D03-8F28-3139EB5A1433", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:7.5\\(10\\):*:*:*:*:*:*:*", "matchCriteriaId": "49D8E519-946B-4522-A859-240292A5B5FC", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:8.0\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "28C9CC12-DF4C-43BA-827A-09AAB389915B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:8.0\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "2DD1A7B8-77A0-40CE-BB65-338DBB420BB7", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:8.5\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "B84C3C62-6F72-4781-A6C2-2C14FCAEA9E6", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:8.5\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "D7FB82A9-29CF-4215-A3D7-D9417C905102", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:8.5\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "CBCCB6E8-F04D-43B5-9450-B728C6CF3632", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:8.5\\(4\\):*:*:*:*:*:*:*", "matchCriteriaId": "ACAD7EC3-74FE-405D-BDE9-3DB1DBAED814", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:9.0\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "BDD95F91-9154-453E-9FEB-D42569272C05", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:9.0\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "CBC62B80-7FD4-40E7-B564-5BAB86C9A3E0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:9.0\\(4\\):*:*:*:*:*:*:*", "matchCriteriaId": "3959BC80-3414-44ED-8BF9-D875A3A2D080", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:10.0\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "2C069E2D-B050-4B40-A81F-80555FB7735D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:10.0\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "D4712491-E1C1-48E4-A7AC-75464BB2F985", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:10.5\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "31797740-DAA5-44F6-8E23-EB2164D31AB1", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_contact_center_enterprise:10.5\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "DA09853A-9F2A-4662-800E-F6EA6D2CDC27", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in the management interface in Cisco Unified Contact Center Enterprise through 10.5(2) allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCux59650."}, {"lang": "es", "value": "Vulnerabilidad de XSS en la interfaz de mantenimiento de Cisco Unified Contact Center Enterprise hasta la versi\u00f3n 10.5(2) permite a atacantes remotos inyectar c\u00f3digo web arbitrario o HTML a trav\u00e9s de de una URL manipulada, tambi\u00e9n conocido como Bug ID CSCux59650."}], "id": "CVE-2016-1439", "lastModified": "2016-11-30T03:04:14.367", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-06-23T00:59:07.987", "references": [{"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160622-ucce"}, {"source": "ykramarz@cisco.com", "url": "http://www.securitytracker.com/id/1036155"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}