CVE-2016-1307 — Vulnetix

CVE-2016-1307 PUBLISHED CVSS 5.5 MEDIUM

The Openfire server in Cisco Finesse Desktop 10.5(1) and 11.0(1) and Unified Contact Center Express 10.6(1) has a hardcoded account, which makes it easier for remote attackers to obtain access via an XMPP session, aka Bug ID CSCuw79085.

EPSS 0.16% · 36.2th percentile

Risk Scores

CVSS 2.0

5.5

EPSS Score

0.16%

36.2th percentile

Affected Products

Vendor	Product	Versions
zyxel	gs1900-10hp_firmware	0, 0
zzinc	keymouse_firmware	3.08
n/a	n/a	n/a

Exploit Intelligence

20160202 Cisco Finesse Desktop and Cisco Unified Contact Center Express Applications XMPP Unauthorized Access Vulnerability (circl)
1034921 (circl)
1034920 (circl)

Timeline

Feb 2, 2016 CVE Published
Feb 4, 2022 EPSS Score
Mar 29, 2022 EPSS Score
May 20, 2022 EPSS Score
Jul 12, 2022 EPSS Score
Sep 3, 2022 EPSS Score
Oct 26, 2022 EPSS Score
Dec 18, 2022 EPSS Score
Feb 8, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Apr 2, 2023 EPSS Score
May 25, 2023 EPSS Score

References

20160202 Cisco Finesse Desktop and Cisco Unified Contact Center Express Applications XMPP Unauthorized Access Vulnerability vendor-advisory
1034921 vdb
1034920 vdb
https://nvd.nist.gov/vuln/detail/CVE-2016-1307 advisory

Open in Interactive Console →