NVD

Id
17786  
Name
CVE-2016-1373  
Description
The gadgets-integration API in Cisco Finesse 8.5(1) through 8.5(5), 8.6(1), 9.0(1), 9.0(2), 9.1(1), 9.1(1)SU1, 9.1(1)SU1.1, 9.1(1)ES1 through 9.1(1)ES5, 10.0(1), 10.0(1)SU1, 10.0(1)SU1.1, 10.5(1), 10.5(1)ES1 through 10.5(1)ES4, 10.5(1)SU1, 10.5(1)SU1.1, 10.5(1)SU1.7, 10.6(1), 10.6(1)SU1, 10.6(1)SU2, and 11.0(1) allows remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted request, aka Bug ID CSCuw86623.  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-19  
Published
2016-05-05  
Modified Date
2016-11-30  
Seq
2016-1373  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
97722 17786 CVE-2016-1373 20160504 Cisco Finesse HTTP Request Processing Server-Side Request Forgery Vulnerability  View
97723 17786 CVE-2016-1373 1035756  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
1940 JVNDB-2016-002713 Cisco Finesse のガジェット統合 API におけるサーバサイドのリクエストフォージェリの脆弱性 Cisco Finesse のガジェット統合 (gadgets-integration) API には、サーバサイドのリクエストフォージェリ攻撃を実行される脆弱性が存在します。 CVE-2016-1373 87879 CVE-2016-1373 17786 5 8.6 http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-002713.html 2016-05-04 2016-05-18 View