Skip to main content

Socialminer

12 CVEs product

Monthly

CVE-2025-20278 MEDIUM This Month

A vulnerability in the CLI of multiple Cisco Unified Communications products could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user. This vulnerability is due to improper validation of user-supplied command arguments. An attacker could exploit this vulnerability by executing crafted commands on the CLI of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user. To exploit this vulnerability, the attacker must have valid administrative credentials.

Command Injection Cisco Socialminer Unified Communications Manager Im And Presence Service Finesse +5
NVD
CVSS 3.1
6.0
EPSS
0.0%
CVE-2025-20129 MEDIUM This Month

A vulnerability in the web-based chat interface of Cisco Customer Collaboration Platform (CCP), formerly Cisco SocialMiner, could allow an unauthenticated, remote attacker to persuade users to disclose sensitive data. This vulnerability is due to improper sanitization of HTTP requests that are sent to the web-based chat interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to the chat interface of a targeted user on a vulnerable server. A successful exploit could allow the attacker to redirect chat traffic to a server that is under their control, resulting in sensitive information being redirected to the attacker.

Information Disclosure Cisco Unified Contact Center Express Socialminer
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2019-1668 MEDIUM This Month

A vulnerability in the chat feed feature of Cisco SocialMiner could allow an unauthenticated, remote attacker to perform cross-site scripting (XSS) attacks against a user of the web-based user. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Socialminer
NVD
CVSS 3.1
6.1
EPSS
1.3%
CVE-2018-15435 MEDIUM This Month

A vulnerability in the web-based management interface of Cisco SocialMiner could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Socialminer
NVD
CVSS 3.0
6.1
EPSS
1.2%
CVE-2018-0290 MEDIUM This Month

A vulnerability in the TCP stack of Cisco SocialMiner could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition in the notification system. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Socialminer
NVD
CVSS 3.0
5.3
EPSS
1.7%
CVE-2017-12337 CRITICAL Act Now

A vulnerability in the upgrade mechanism of Cisco collaboration products based on the Cisco Voice Operating System software platform could allow an unauthenticated, remote attacker to gain. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 13.2% and no vendor patch available.

Cisco Authentication Bypass Emergency Responder Finesse Hosted Collaboration Solution +8
NVD
CVSS 3.0
9.8
EPSS
13.2%
CVE-2017-12216 HIGH This Week

A vulnerability in the web-based user interface of Cisco SocialMiner could allow an unauthenticated, remote attacker to have read and write access to information stored in the affected system. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE Cisco Information Disclosure Socialminer
NVD
CVSS 3.0
8.8
EPSS
1.6%
CVE-2017-6702 MEDIUM This Month

A vulnerability in the web framework of Cisco SocialMiner could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Socialminer
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2015-6356 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the WeChat page in Cisco Social Miner 10.0(1) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCuw60212. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Cisco Socialminer
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2013-5492 MEDIUM This Month

administration.jsp in Cisco SocialMiner allows remote attackers to obtain sensitive information by sniffing the network for HTTP client-server traffic, aka Bug ID CSCuh76780. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Cisco Socialminer
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2013-5489 MEDIUM This Month

The gadget implementation in Cisco SocialMiner does not properly restrict the content of GET requests, which allows remote attackers to obtain sensitive information by reading (1) web-server access. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Cisco Socialminer
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2013-5483 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in bookmarklet.jsp in Cisco SocialMiner allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCuh73868. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Cisco XSS Socialminer
NVD
CVSS 2.0
4.3
EPSS
0.3%
EPSS 0% CVSS 6.0
MEDIUM This Month

A vulnerability in the CLI of multiple Cisco Unified Communications products could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user. This vulnerability is due to improper validation of user-supplied command arguments. An attacker could exploit this vulnerability by executing crafted commands on the CLI of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system of an affected device as the root user. To exploit this vulnerability, the attacker must have valid administrative credentials.

Command Injection Cisco Socialminer +7
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

A vulnerability in the web-based chat interface of Cisco Customer Collaboration Platform (CCP), formerly Cisco SocialMiner, could allow an unauthenticated, remote attacker to persuade users to disclose sensitive data. This vulnerability is due to improper sanitization of HTTP requests that are sent to the web-based chat interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to the chat interface of a targeted user on a vulnerable server. A successful exploit could allow the attacker to redirect chat traffic to a server that is under their control, resulting in sensitive information being redirected to the attacker.

Information Disclosure Cisco Unified Contact Center Express +1
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

A vulnerability in the chat feed feature of Cisco SocialMiner could allow an unauthenticated, remote attacker to perform cross-site scripting (XSS) attacks against a user of the web-based user. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Socialminer
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

A vulnerability in the web-based management interface of Cisco SocialMiner could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Socialminer
NVD
EPSS 2% CVSS 5.3
MEDIUM This Month

A vulnerability in the TCP stack of Cisco SocialMiner could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition in the notification system. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Socialminer
NVD
EPSS 13% CVSS 9.8
CRITICAL Act Now

A vulnerability in the upgrade mechanism of Cisco collaboration products based on the Cisco Voice Operating System software platform could allow an unauthenticated, remote attacker to gain. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 13.2% and no vendor patch available.

Cisco Authentication Bypass Emergency Responder +10
NVD
EPSS 2% CVSS 8.8
HIGH This Week

A vulnerability in the web-based user interface of Cisco SocialMiner could allow an unauthenticated, remote attacker to have read and write access to information stored in the affected system. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE Cisco Information Disclosure +1
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

A vulnerability in the web framework of Cisco SocialMiner could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cisco Socialminer
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the WeChat page in Cisco Social Miner 10.0(1) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCuw60212. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Cisco Socialminer
NVD
EPSS 0% CVSS 5.0
MEDIUM This Month

administration.jsp in Cisco SocialMiner allows remote attackers to obtain sensitive information by sniffing the network for HTTP client-server traffic, aka Bug ID CSCuh76780. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Cisco Socialminer
NVD
EPSS 0% CVSS 5.0
MEDIUM This Month

The gadget implementation in Cisco SocialMiner does not properly restrict the content of GET requests, which allows remote attackers to obtain sensitive information by reading (1) web-server access. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Cisco Socialminer
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in bookmarklet.jsp in Cisco SocialMiner allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCuh73868. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Cisco XSS Socialminer
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy