CNNVD-202511-401 Information
CNNVD ID
CNNVD-202511-401
Related CVE
- CNNVD Published: 2025-11-05
Description (Chinese)
Cisco Unified Contact Center Express(Unified CCX)是美国思科(Cisco)公司的一款统一通信解决方案中的客户关系管理组件。该组件支持自助语音服务、呼叫分配和客户访问控制等功能。 Cisco Unified Contact Center Express(Unified CCX)存在代码问题漏洞,该漏洞源于特定UI功能输入验证不足,可能导致上传和执行任意文件。
Description (English)
Cisco Unified Contact Center Express (Unified CCX) is the customer relationship management component of a unified communications solution with Cisco. The component supports functions such as self-service voice services, call allocation and customer access control. Cisco Unified Contact Center Express (Unified CCX) has a code gap, which stems from inadequate input validation of specific UI functions, which may lead to the uploading and execution of any file.
Hazard Level
High
Vulnerability Type
代码问题
Affected Vendor
思科
Published
2025-11-05
Last Modified
2026-02-24
References
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cc-mult-vuln-gK4TFXSn https://access.redhat.com/security/cve/cve-2025-20375