Published: 29/04/2014 Updated: 29/04/2014
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
VMScore: 356
Vector: AV:N/AC:L/Au:S/C:N/I:P/A:N

Vulnerability Summary

The Document Management component in Cisco Unified Contact Center Express does not properly validate a parameter, which allows remote authenticated users to upload files to arbitrary pathnames via a crafted HTTP request, aka Bug ID CSCun74133.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.
Vulnerable Product Search on Vulmon Subscribe to Product

cisco unified contact center enterprise

cisco unified contact center express editor software -

Vendor Advisories

A vulnerability in Document Management of Cisco Unified Contact Center Express could allow an authenticated, remote attacker to upload files to arbitrary locations on the filesystem The vulnerability is due to insufficient parameter validation An attacker could exploit this vulnerability by submitting crafted data to the web server Cisco has c ...