Vigil@nce - Cisco Unified Contact Center Express: reading scripts
May 2013 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An unauthenticated attacker can read scripts of Cisco Unified
Contact Center Express, in order to obtain sensitive information.
– Impacted products: Cisco Unified CCX
– Severity: 2/4
– Creation date: 22/04/2013
DESCRIPTION OF THE VULNERABILITY
The Cisco Unified Contact Center Express product uses a repository
to store scripts.
However, anonymous users can read the content of this repository.
An unauthenticated attacker can therefore read scripts of Cisco
Unified Contact Center Express, in order to obtain sensitive
information.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Cisco-Unified-Contact-Center-Express-reading-scripts-12700