A vulnerability has been reported in Cisco products, which can be exploited by malicious users to bypass certain security restrictions, disclose certain sensitive information, and manipulate certain data.
The vulnerability is caused due to an unspecified error and can be exploited by Windows Active Directory users to e.g. view Web View report information for any call center instance or gain access to the Web Admin tool.
The vulnerability is reported in the following products:
* Cisco Unified Intelligent Contact Management Enterprise (Unified ICME)
* Cisco Unified ICM Hosted (Unified ICMH)
* Cisco Unified Contact Center Enterprise (UCCE)
* Cisco Unified Contact Center Hosted (UCCH)
* Cisco System Unified Contact Center Enterprise (SUCCE)
Solution: Apply updates (see vendor's advisory for details).
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this
information to email@example.com