Cisco » Unified Contact Center Express Editor Software : Security Vulnerabilities, CVEs,
The Document Management component in Cisco Unified Contact Center Express does not properly validate a parameter, which allows remote authenticated users to upload files to arbitrary pathnames via a crafted HTTP request, aka Bug ID CSCun74133.
Max CVSS
4.0
EPSS Score
0.08%
Published
2014-04-29
Updated
2014-04-29
Cisco Unified Contact Center Express (Unified CCX) does not properly restrict the content of the CCMConfig page, which allows remote authenticated users to obtain sensitive information by examining this content, aka Bug ID CSCum95575.
Max CVSS
4.0
EPSS Score
0.10%
Published
2014-02-27
Updated
2015-07-29
The disaster recovery system (DRS) in Cisco Unified Contact Center Express (Unified CCX) allows remote authenticated users to obtain sensitive information by reading extraneous fields in an HTML document, aka Bug ID CSCum95536.
Max CVSS
4.0
EPSS Score
0.10%
Published
2014-02-27
Updated
2015-08-01
Cross-site request forgery (CSRF) vulnerability in the Unified Serviceability subsystem in Cisco Unified Contact Center Express (Unified CCX) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCum95502.
Max CVSS
6.8
EPSS Score
0.09%
Published
2014-02-27
Updated
2015-08-01
The scripts editor in Cisco Unified Contact Center Express (aka Unified CCX) does not properly manage privileges for anonymous logins, which allows remote attackers to read arbitrary scripts by visiting the scripts repository directory, aka Bug ID CSCuf77546.
Max CVSS
5.0
EPSS Score
0.16%
Published
2013-04-24
Updated
2018-10-30
5 vulnerabilities found