Cisco Unified CCX Editor software

CPE Details

Cisco Unified CCX Editor software
cisco
unified_contact_center_express_editor_software
-
2013-04-24
10h56 +00:00
2014-02-27
20h31 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:cisco:unified_contact_center_express_editor_software:-:*:*:*:*:*:*:*

Informations

Vendor

cisco

Product

unified_contact_center_express_editor_software

Version

-

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2014-2180 2014-04-29 08h00 +00:00 The Document Management component in Cisco Unified Contact Center Express does not properly validate a parameter, which allows remote authenticated users to upload files to arbitrary pathnames via a crafted HTTP request, aka Bug ID CSCun74133.
4
CVE-2014-0745 2014-02-27 00h00 +00:00 Cross-site request forgery (CSRF) vulnerability in the Unified Serviceability subsystem in Cisco Unified Contact Center Express (Unified CCX) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCum95502.
6.8
CVE-2014-0746 2014-02-27 00h00 +00:00 The disaster recovery system (DRS) in Cisco Unified Contact Center Express (Unified CCX) allows remote authenticated users to obtain sensitive information by reading extraneous fields in an HTML document, aka Bug ID CSCum95536.
4
CVE-2014-2102 2014-02-27 00h00 +00:00 Cisco Unified Contact Center Express (Unified CCX) does not properly restrict the content of the CCMConfig page, which allows remote authenticated users to obtain sensitive information by examining this content, aka Bug ID CSCum95575.
4
CVE-2013-1214 2013-04-24 10h00 +00:00 The scripts editor in Cisco Unified Contact Center Express (aka Unified CCX) does not properly manage privileges for anonymous logins, which allows remote attackers to read arbitrary scripts by visiting the scripts repository directory, aka Bug ID CSCuf77546.
5
Les informations affichées sur CVE Find proviennent de plusieurs sources de référence rigoureusement sélectionnées. Les données CVE sont fournies par MITRE Corporation et la National Vulnerability Database (NVD). Le catalogue des vulnérabilités activement exploitées (KEV) provient de la Cybersecurity and Infrastructure Security Agency (CISA), tandis que les scores EPSS sont issus de FIRST.org. Enfin, les données relatives aux faiblesses logicielles (CWE) et aux schémas d'attaque courants (CAPEC) sont maintenues par MITRE Corporation, et les informations sur les configurations logicielles et matérielles (CPE) proviennent du NVD.