CVE-2021-1358

Name of the Vulnerable Software and Affected Versions Cisco Finesse (affected versions not specified)

Description A vulnerability in the web-based management interface could allow an unauthenticated, remote attacker to redirect a user to an undesired web page. This issue is due to improper input validation of the URL parameters in an HTTP request sent to an affected system. An attacker could exploit this by persuading a user to click a crafted link, potentially allowing the attacker to cause the interface to redirect the user to a specific, malicious URL. This type of issue is known as an open redirect and is used in phishing attacks.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.