Sensitive Information Disclosure in Cisco Unified Contact Center Express DRS
CVE-2014-0746

Currently unrated

Key Information:

Vendor: Cisco
Status: Unified Contact Center Express Editor Software
Vendor: CVE Published:; 27 February 2014

What is CVE-2014-0746?

The disaster recovery system (DRS) in Cisco Unified Contact Center Express has a vulnerability that allows remote authenticated users to access sensitive information. This occurs due to the ability to read extraneous fields in an HTML document, which can lead to the unintentional exposure of confidential data. System administrators must take action to mitigate this risk to protect user privacy and data integrity.

References

http://www.securitytracker.com/id/1029842

vdb-entryx_refsource_SECTRACK

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 27, 2014
Vulnerability Reserved
Jan 2, 2014