| Vulnerability Name: | CVE-2014-0746 (CCN-91434) | ||||||||
| Assigned: | 2014-02-25 | ||||||||
| Published: | 2014-02-25 | ||||||||
| Updated: | 2015-08-01 | ||||||||
| Summary: | The disaster recovery system (DRS) in Cisco Unified Contact Center Express (Unified CCX) allows remote authenticated users to obtain sensitive information by reading extraneous fields in an HTML document, aka Bug ID CSCum95536. | ||||||||
| CVSS v3 Severity: | 3.5 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N)
| ||||||||
| CVSS v2 Severity: | 4.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N) 3.0 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N/E:U/RL:OF/RC:C)
3.0 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N/E:U/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-200 | ||||||||
| Vulnerability Consequences: | Obtain Information | ||||||||
| References: | Source: MITRE Type: CNA CVE-2014-0746 Source: CCN Type: Cisco Security Notice Cisco Unified Contact Center Express DRS Sensitive Information Disclosure Vulnerability Source: CISCO Type: Vendor Advisory 20140225 Cisco Unified Contact Center Express DRS Sensitive Information Disclosure Vulnerability Source: CCN Type: BID-65802 Cisco Unified Contact Center Express CVE-2014-0746 Information Disclosure Vulnerability Source: SECTRACK Type: UNKNOWN 1029842 Source: XF Type: UNKNOWN cisco-ucce-cve20140746-info-disc(91434) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||