Sensitive Information Disclosure in Cisco Unified Contact Center Express
CVE-2014-2102

Currently unrated

Key Information:

Vendor: Cisco
Status: Unified Contact Center Express Editor Software
Vendor: CVE Published:; 27 February 2014

What is CVE-2014-2102?

The Cisco Unified Contact Center Express (Unified CCX) is vulnerable due to improper restrictions on the CCMConfig page, allowing remote authenticated users to access sensitive information. This issue can lead to unauthorized disclosure of configuration details, potentially exposing critical system data. Users should ensure proper access controls are implemented to mitigate these vulnerabilities.

References

http://www.securitytracker.com/id/1029842

vdb-entryx_refsource_SECTRACK

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 27, 2014
Vulnerability Reserved
Feb 25, 2014