CVE-2014-2180 - OpenCVE

The Document Management component in Cisco Unified Contact Center Express does not properly validate a parameter, which allows remote authenticated users to upload files to arbitrary pathnames via a crafted HTTP request, aka Bug ID CSCun74133.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:S/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Cisco	Unified Contact Center Express Editor Software Unified Contact Center Enterprise

Configuration 1 [-]

OR	cpe:2.3:a:cisco:unified_contact_center_enterprise::::::::
	cpe:2.3:a:cisco:unified_contact_center_express_editor_software:-:::::::*

References

Link	Resource
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2180	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: cisco

Published: 2014-04-29T10:00:00

Updated: 2014-04-29T05:57:00

Reserved: 2014-02-25T00:00:00

Link: CVE-2014-2180

JSON object: View

NVD Information

Status : Analyzed

Published: 2014-04-29T10:37:03.967

Modified: 2014-04-29T15:42:38.457

Link: CVE-2014-2180

JSON object: View

Redhat Information

No data.

CWE

CWE-20