exploitDog

CVE-2015-4209

Опубликовано: 23 июн. 2015

Источник: nvd

CVSS2: 6.4

EPSS Низкий

Описание

Cisco WebEx Meeting Center does not properly determine authorization for reading a host calendar, which allows remote attackers to obtain sensitive information by obtaining a list of all meetings and then sending a calendar request for each one, aka Bug ID CSCur23913.

Ссылки

http://tools.cisco.com/security/center/viewAlert.x?alertId=39459
Vendor Advisory
http://www.securityfocus.com/bid/75351
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1032705
Third Party Advisory
VDB Entry
http://tools.cisco.com/security/center/viewAlert.x?alertId=39459
Vendor Advisory
http://www.securityfocus.com/bid/75351
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1032705
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:cisco:webex_meeting_center:-:*:*:*:*:*:*:*

EPSS

Процентиль: 73%

0.00778

Низкий

6.4 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-q299-h828-h44m

github

больше 3 лет назад

Cisco WebEx Meeting Center does not properly determine authorization for reading a host calendar, which allows remote attackers to obtain sensitive information by obtaining a list of all meetings and then sending a calendar request for each one, aka Bug ID CSCur23913.

EPSS

Процентиль: 73%

0.00778

Низкий

6.4 Medium

CVSS2

Дефекты

CWE-200