Cisco Patches Critical Vulnerability in Contact Center Products

13-Jan-22

Cisco released security updates for a crucial vulnerability in the Unified Contact Center Management Portal and Domain Manager that could be manipulated remotely to uplift privileges to administrator.

The issue, tracked as CVE202220658 (CVSS score of 9.6), exists because there was no serverside validation of user permissions, allowing an attacker to send a crafted HTTP request to exploit the flaw on a vulnerable system.

Read More…