Cisco Finesse Remote File Inclusion Vulnerability — CISCO-SA-FINESSE-RFI-GWPKDC89
Cisco · Cisco · CISCO-SA-FINESSE-RFI-GWPKDC89
ID
CISCO-SA-FINESSE-RFI-GWPKDC89
CISCO-SA-FINESSE-RFI-GWPKDC89
Date
Activity
Source
Cisco
Cisco
Vendor
Cisco
Cisco
Threat
medium
medium
Summary
A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker to load arbitrary files from remote locations into an active user session on an affected device, possibly leading to browser-based attacks. This vulnerability is due to insufficient validation of user-supplied input for HTTP requests that are sent to an affected device. An attacker who has knowledge of the address of the affected…
Product
Cisco Finesse Remote File Inclusion
What to do
General, cautious steps (verify details in the official source):
- Review exposure and plan remediation based on risk and environment.
- Identify affected product versions in your inventory and verify whether you are impacted.
- Apply vendor patches/updates or recommended mitigations as soon as available.
- Read the official advisory for exact affected versions and remediation steps.