📦 Enterprise Chat And Email

CVE-2021-44228 (Log4Shell) is a critical remote code execution vulnerability in Apache Log4j2 that allows attackers to execute arbitrary code by exploiting JNDI lookups in log messages. This affects a...

An unauthenticated remote attacker can send specially crafted chat messages to Cisco Enterprise Chat and Email (ECE) to trigger a denial of service condition. The application stops responding and may ...

An unauthenticated remote attacker can send crafted MR PIM traffic to Cisco Enterprise Chat and Email (ECE) to trigger a denial of service in the External Agent Assignment Service (EAAS). This prevent...

CVE-2023-44487 is an HTTP/2 protocol vulnerability that allows attackers to cause denial of service by rapidly resetting streams, consuming server resources. This affects any system using HTTP/2, incl...

A stored cross-site scripting (XSS) vulnerability in Cisco Enterprise Chat and Email web UI allows unauthenticated remote attackers to inject malicious scripts. When exploited, this could enable attac...

This vulnerability in Cisco ECE allows unauthenticated remote attackers to enumerate valid usernames by analyzing differences in authentication responses. Attackers can confirm existing user accounts,...

This vulnerability allows unauthenticated remote attackers to execute cross-site scripting (XSS) attacks against users of Cisco ECE's web management interface. Attackers can inject malicious scripts i...