CVE-2016-1373: SSRF
First published: Thu May 05 2016(Updated: )
The gadgets-integration API in Cisco Finesse 8.5(1) through 8.5(5), 8.6(1), 9.0(1), 9.0(2), 9.1(1), 9.1(1)SU1, 9.1(1)SU1.1, 9.1(1)ES1 through 9.1(1)ES5, 10.0(1), 10.0(1)SU1, 10.0(1)SU1.1, 10.5(1), 10.5(1)ES1 through 10.5(1)ES4, 10.5(1)SU1, 10.5(1)SU1.1, 10.5(1)SU1.7, 10.6(1), 10.6(1)SU1, 10.6(1)SU2, and 11.0(1) allows remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted request, aka Bug ID CSCuw86623.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Finesse | =8.5\(1\)_base | |
| Cisco Finesse | =8.5\(2\)_base | |
| Cisco Finesse | =8.5\(3\)_base | |
| Cisco Finesse | =8.5\(4\)_base | |
| Cisco Finesse | =8.5\(5\)_base | |
| Cisco Finesse | =8.6\(1\)_base | |
| Cisco Finesse | =9.0\(1\)_base | |
| Cisco Finesse | =9.0\(2\)_base | |
| Cisco Finesse | =9.1\(1\)_base | |
| Cisco Finesse | =9.1\(1\)_es1 | |
| Cisco Finesse | =9.1\(1\)_es2 | |
| Cisco Finesse | =9.1\(1\)_es3 | |
| Cisco Finesse | =9.1\(1\)_es4 | |
| Cisco Finesse | =9.1\(1\)_es5 | |
| Cisco Finesse | =9.1\(1\)_su1 | |
| Cisco Finesse | =9.1\(1\)_su1.1 | |
| Cisco Finesse | =10.0\(1\)_base | |
| Cisco Finesse | =10.0\(1\)_su1 | |
| Cisco Finesse | =10.0\(1\)_su1.1 | |
| Cisco Finesse | =10.5\(1\)_base | |
| Cisco Finesse | =10.5\(1\)_es1 | |
| Cisco Finesse | =10.5\(1\)_es2 | |
| Cisco Finesse | =10.5\(1\)_es3 | |
| Cisco Finesse | =10.5\(1\)_es4 | |
| Cisco Finesse | =10.5\(1\)_su1 | |
| Cisco Finesse | =10.5\(1\)_su1.1 | |
| Cisco Finesse | =10.5\(1\)_su1.7 | |
| Cisco Finesse | =10.6\(1\)_base | |
| Cisco Finesse | =10.6\(1\)_su1 | |
| Cisco Finesse | =10.6\(1\)_su2 | |
| Cisco Finesse | =11.0\(1\)_base |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/description
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/cisco
- canonical/cisco finesse
- version/cisco finesse/8.5\(1\)_base
- version/cisco finesse/8.5\(2\)_base
- version/cisco finesse/8.5\(3\)_base
- version/cisco finesse/8.5\(4\)_base
- version/cisco finesse/8.5\(5\)_base
- version/cisco finesse/8.6\(1\)_base
- version/cisco finesse/9.0\(1\)_base
- version/cisco finesse/9.0\(2\)_base
- version/cisco finesse/9.1\(1\)_base
- version/cisco finesse/9.1\(1\)_es1
- version/cisco finesse/9.1\(1\)_es2
- version/cisco finesse/9.1\(1\)_es3
- version/cisco finesse/9.1\(1\)_es4
- version/cisco finesse/9.1\(1\)_es5
- version/cisco finesse/9.1\(1\)_su1
- version/cisco finesse/9.1\(1\)_su1.1
- version/cisco finesse/10.0\(1\)_base
- version/cisco finesse/10.0\(1\)_su1
- version/cisco finesse/10.0\(1\)_su1.1
- version/cisco finesse/10.5\(1\)_base
- version/cisco finesse/10.5\(1\)_es1
- version/cisco finesse/10.5\(1\)_es2
- version/cisco finesse/10.5\(1\)_es3
- version/cisco finesse/10.5\(1\)_es4
- version/cisco finesse/10.5\(1\)_su1
- version/cisco finesse/10.5\(1\)_su1.1
- version/cisco finesse/10.5\(1\)_su1.7
- version/cisco finesse/10.6\(1\)_base
- version/cisco finesse/10.6\(1\)_su1
- version/cisco finesse/10.6\(1\)_su2
- version/cisco finesse/11.0\(1\)_base