Product DocsMenu

Security Update for Sitecore and Sitecore Legacy Connectors

CES 7.0.6684– (May 2014)

This topic describes how to resolve a security vulnerability in our Sitecore Connector plugin that could allow code to access Sitecore content that would otherwise be inaccessible.

CES 7.0.6767+ (June 2014) The monthly release includes the fix for this security vulnerability.

Prerequisites to apply the security update

Before you can apply this security update, if it is not already the case, your Coveo server must run either of the following CES 6 or 7 monthly releases (see Upgrading CES) :

For help installing updates, contact Coveo Support.

To resolve the vulnerability

  1. For CES 6.5 only, download and install the applicable security vulnerability hotfix for CES 6.5.4898 (Dec 2013):

  2. Download the appropriate Sitecore package (ZIP file):

  3. Install the appropriate downloaded Sitecore package on your Sitecore server:

People who viewed this topic also viewed