PT-2023-2110 · Cisco · Cisco Unified Intelligence Center
Kareem Mohamed
·
Published
2023-03-01
·
Updated
2023-03-10
·
CVE-2023-20062
CVSS v2.0
6.8
Medium
| Vector | AV:N/AC:L/Au:S/C:C/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Cisco Unified Intelligence Center (affected versions not specified)
Description
The issue is related to multiple vulnerabilities in Cisco Unified Intelligence Center that could allow an authenticated, remote attacker to collect sensitive information or perform a server-side request forgery (SSRF) attack on an affected system. This is due to a lack of protection for service data, which can be exploited using a specially crafted HTTP request.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
SSRF
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Cisco Unified Intelligence Center