CVE-2014-0745

medium

Published 2014-02-27 · Modified 2026-04-29

CVSS v3

—

CVSS v2

6.8

VIR risk

6.8

Description

Cross-site request forgery (CSRF) vulnerability in the Unified Serviceability subsystem in Cisco Unified Contact Center Express (Unified CCX) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCum95502.

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: psirt@cisco.com — http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0745

Application impact

Vendor	Product	Versions	Fixed
cisco	unified_contact_center_express_editor_software	`-`

References

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0745
http://www.securitytracker.com/id/1029842
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0745
http://www.securitytracker.com/id/1029842

CWEs

CWE-352

Verify integrity in audit chain (admin only). AS-IS.