Arbitrary File Upload Vulnerability in Cisco Unified Contact Center Express
CVE-2014-2180
Currently unrated
Key Information:
- Vendor
- Cisco
- Vendor
- CVE Published:
- 29 April 2014
Summary
The Document Management component of Cisco Unified Contact Center Express suffers from a vulnerability due to improper parameter validation. This issue allows remote authenticated users to upload files to arbitrary pathnames, creating significant security risks. Attackers could exploit this vulnerability by sending crafted HTTP requests, leading to unauthorized file uploads that could compromise the integrity of the system. Organizations using Cisco Unified Contact Center Express should assess their security posture and implement necessary patches to safeguard against this vulnerability.
References
Timeline
Vulnerability published
Vulnerability Reserved