CVE-2014-2102

{"id": "CVE-2014-2102", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2014-02-27T01:55:04.307", "references": [{"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2102", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "http://www.securitytracker.com/id/1029842", "source": "ykramarz@cisco.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "Cisco Unified Contact Center Express (Unified CCX) does not properly restrict the content of the CCMConfig page, which allows remote authenticated users to obtain sensitive information by examining this content, aka Bug ID CSCum95575."}, {"lang": "es", "value": "Cisco Unified Contact Center Express (Unified CCX) no restringe debidamente el contenido de la p\u00e1gina CCMConfig, lo que permite a usuarios remotos autenticados obtener informaci\u00f3n sensible mediante el examen de este contenido, tambi\u00e9n conocido como Bug ID CSCum95575."}], "lastModified": "2015-07-29T16:20:44.740", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:unified_contact_center_express_editor_software:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "14E9EB78-63EF-44CC-842B-1252E2807597"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}