Information Disclosure Vulnerability in Cisco Unified Contact Center Express
CVE-2013-1214

Currently unrated

Key Information:

Vendor: Cisco
Status: Unified Contact Center Express Editor Software; Unified Contact Center Express Editor Software
Vendor: CVE Published:; 24 April 2013

Summary

The scripts editor in Cisco Unified Contact Center Express fails to properly manage privileges for anonymous logins, enabling remote attackers to gain unauthorized access to sensitive scripts by simply accessing the scripts repository directory. This significant oversight in privilege management raises concerns about potential unauthorized data exposure and manipulation.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Apr 24, 2013