exploitDog

CVE-2015-4208

Опубликовано: 24 июн. 2015

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Cisco WebEx Meeting Center does not properly restrict the content of URLs in GET requests, which allows remote attackers to obtain sensitive information or conduct SQL injection attacks via vectors involving read access to a request, aka Bug ID CSCup88398.

Ссылки

http://tools.cisco.com/security/center/viewAlert.x?alertId=39458
Vendor Advisory
http://www.securityfocus.com/bid/75361
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1032705
Third Party Advisory
VDB Entry
http://tools.cisco.com/security/center/viewAlert.x?alertId=39458
Vendor Advisory
http://www.securityfocus.com/bid/75361
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1032705
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:cisco:webex_meeting_center:-:*:*:*:*:*:*:*

EPSS

Процентиль: 69%

0.00601

Низкий

7.5 High

CVSS2

Дефекты

CWE-89

Связанные уязвимости

GHSA-488v-xjjh-292p

github

больше 3 лет назад

Cisco WebEx Meeting Center does not properly restrict the content of URLs in GET requests, which allows remote attackers to obtain sensitive information or conduct SQL injection attacks via vectors involving read access to a request, aka Bug ID CSCup88398.

EPSS

Процентиль: 69%

0.00601

Низкий

7.5 High

CVSS2

Дефекты

CWE-89