Vulnerability Description
The scripts editor in Cisco Unified Contact Center Express (aka Unified CCX) does not properly manage privileges for anonymous logins, which allows remote attackers to read arbitrary scripts by visiting the scripts repository directory, aka Bug ID CSCuf77546.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Unified Contact Center Express Editor Software | - |
Related Weaknesses (CWE)
References
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1214Vendor Advisory
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1214Vendor Advisory
FAQ
What is CVE-2013-1214?
CVE-2013-1214 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The scripts editor in Cisco Unified Contact Center Express (aka Unified CCX) does not properly manage privileges for anonymous logins, which allows remote attackers to read arbitrary scripts by visiti...
How severe is CVE-2013-1214?
CVE-2013-1214 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-1214?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Unified Contact Center Express Editor Software.