Sitecore Connector Security Update
This security vulnerability affects only customers using the following Coveo connectors:
CES 7.0.6684– (May 2014) Coveo for Sitecore 3.0.381– (April 2014) If you use one of the above connectors, Coveo highly recommends that you upgrade the Coveo plugin on your Sitecore instance to ensure that the vulnerability is fixed for your website.
Note: This security vulnerability does not affect customers using the Web Pages Connector to index their Sitecore site.
Refer to the following applicable procedure to resolve the vulnerability:
-
Security Update for Coveo for Sitecore
Note: In the PDF, search for "Coveo for Sitecore Not Properly Replicating the Sitecore Permission Model".
-
Security Update for Sitecore Connector
OR
Security Update for Sitecore Legacy Connector
Note: In both PDFs, search for "Security Update for Sitecore and Sitecore Legacy Connectors".
For help installing updates, contact Coveo Support.