CVE-2014-0745

Published: Feb 27, 2014Modified: Apr 29, 2026

6.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability: 8.6 / Impact: 6.4

Source: NVD

Description

Cross-site request forgery (CSRF) vulnerability in the Unified Serviceability subsystem in Cisco Unified Contact Center Express (Unified CCX) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCum95502.

Affected (1)

Products: Cisco: Unified Contact Center Express Editor Software

Cisco

1 product

Unified Contact Center Express Editor Software

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Cisco Unified Contact Center Express Editor Software	All versions

Related CWEs

CWE-352

Cross-Site Request Forgery (CSRF)

The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

References (4)

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0745

Source: psirt@cisco.com

Vendor Advisory

http://www.securitytracker.com/id/1029842

Source: psirt@cisco.com

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0745

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securitytracker.com/id/1029842

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.