CVE-2014-0746

Published: Feb 27, 2014Modified: Apr 29, 2026

4.0

Vector

AV:N/AC:L/Au:S/C:P/I:N/A:N

Exploitability: 8.0 / Impact: 2.9

Source: NVD

Description

The disaster recovery system (DRS) in Cisco Unified Contact Center Express (Unified CCX) allows remote authenticated users to obtain sensitive information by reading extraneous fields in an HTML document, aka Bug ID CSCum95536.

Affected (1)

Products: Cisco: Unified Contact Center Express Editor Software

Cisco

1 product

Unified Contact Center Express Editor Software

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Cisco Unified Contact Center Express Editor Software	All versions

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0746

Source: psirt@cisco.com

Vendor Advisory

http://www.securitytracker.com/id/1029842

Source: psirt@cisco.com

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0746

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securitytracker.com/id/1029842

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.