Finesse
This hub aggregates every CVE we track for Finesse, a product in the communications space. Use it to gauge the current risk picture and drill into individual advisories.
25
CVEs tracked
4
Critical
6
High
1
In CISA KEV
Severity distribution
MEDIUM15HIGH6CRITICAL4
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Finesse.
- CVE-2025-20278Cisco Unified Communications Products Command Injection Vulnerability6.0
- CVE-2024-20405A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a stored XSS attack by exploiting an RFI vulnerability. This vu...4.8
- CVE-2024-20404A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct an SSRF attack on an affected system. This vulnerability is due ...7.2
- CVE-2023-20088Cisco Finesse Reverse Proxy VPN-less Access to Finesse Desktop Denial of Service Vulnerability5.3
- CVE-2021-44228Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpointsKEV10.0
- CVE-2021-1358Cisco Finesse Open Redirect Vulnerability4.7
- CVE-2021-1254Cisco Finesse Cross-Site Scripting Vulnerabilities4.8
- CVE-2021-1245Cisco Finesse OpenSocial Gadget Editor Cross-Site Scripting Vulnerability6.5
- CVE-2021-1246Cisco Finesse OpenSocial Gadget Editor Unauthenticated Access Vulnerability6.5
- CVE-2020-3159Cisco Finesse Web-Based Management Interface Cross-Site Scripting Vulnerability6.1
- CVE-2019-15278Cisco Finesse Cross-Site Scripting Vulnerability6.1
- CVE-2019-12632Cisco Finesse Request Processing Server-Side Request Forgery Vulnerability7.5
- CVE-2018-0399Multiple vulnerabilities in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to retrieve a cleartext password from an affected system. Cisco Bug I...9.8
- CVE-2018-0398Multiple vulnerabilities in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a server-side request forgery (SSRF) attack. Cisco Bug IDs...9.8
- CVE-2017-6779Multiple Cisco products are affected by a vulnerability in local file management for certain system log files of Cisco collaboration products that could allow an unauthenticated, remote attacker to...7.5
Product normalization is registry-driven with AI assist and human review. How it works