CNNVD-202511-400 Information
CNNVD ID
CNNVD-202511-400
Related CVE
- CNNVD Published: 2025-11-05
Description (Chinese)
Cisco Unified Contact Center Express(Unified CCX)是美国思科(Cisco)公司的一款统一通信解决方案中的客户关系管理组件。该组件支持自助语音服务、呼叫分配和客户访问控制等功能。 Cisco Unified Contact Center Express(Unified CCX)存在访问控制错误漏洞,该漏洞源于身份验证机制不当,可能导致未经身份验证的攻击者绕过身份验证并获得管理权限。
Description (English)
Cisco Unified Contact Center Express (Unified CCX) is the customer relationship management component of a unified communications solution with Cisco. The component supports functions such as self-service voice services, call allocation and customer access control. Cisco Unified Contact Center Express (Unified CCX) has a bug in access control, which stems from inappropriate identification mechanisms, which may result in unidentified assailants bypassing identification and obtaining regulatory authority.
Hazard Level
Low
Vulnerability Type
访问控制错误
Affected Vendor
思科
Published
2025-11-05
Last Modified
2026-02-24
References
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cc-unauth-rce-QeN8h7mQ https://access.redhat.com/security/cve/cve-2025-20358