-/10CrowdSec Score

Cisco Unified Contact Center Enterprise - SSRF (CVE-2024-20404)

Published on05-06-2024

First seen on01-01-1970

Public ExploitCVSS 7.2/10Cisco - Cisco Unified Contact Center EnterpriseCisco - Cisco Unified Contact Center ExpressCisco - Cisco FinesseCisco - Cisco Packaged Contact Center Enterprise

0Exploiting IPs reported

A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct an SSRF attack on an affected system. This vulnerability is due to insufficient validation of user-supplied input for specific HTTP requests that are sent to an affected system. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. A successful exploit could allow the attacker to obtain limited sensitive information for services that are associated to the affected device.

Exploitation

Get real-time information about exploitation attempts and actors involved.

Detected IPs

Discover the IPs that targeted this vulnerability across the CrowdSec Network.

・

Common Weakness Enumeration (CWE)

Protection

Find out relevant information to protect your stack against this CVE.

Blocklist

With our advanced worldwide network detection, CrowdSec can provide a list of IPs known for exploiting the vulnerability.

To increase your protection against this CVE, block exploitation attempts with this list of identified actors.