Cross-Site Request Forgery in Cisco Unified Contact Center Express
CVE-2014-0745

Currently unrated

Key Information:

Vendor: Cisco
Status: Unified Contact Center Express Editor Software
Vendor: CVE Published:; 27 February 2014

Summary

A cross-site request forgery (CSRF) vulnerability in the Unified Serviceability subsystem of Cisco Unified Contact Center Express enables remote attackers to exploit this flaw, potentially hijacking the authentication session of legitimate users. This can lead to unauthorized actions being executed on behalf of affected users without their consent or knowledge. Administrators should review the security measures in place and ensure they are updated against this vulnerability to safeguard user information and system integrity.

References

http://www.securitytracker.com/id/1029842

vdb-entryx_refsource_SECTRACK

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
Feb 27, 2014
Vulnerability Reserved
Jan 2, 2014