CVE-2010-0140

2022-10-0316:21:13

[email protected]

web.nvd.nist.gov

cisco

unified meetingplace

web server

vulnerabilities

cve-2010-0140

nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

70.5%

JSON

Multiple unspecified vulnerabilities in the web server in Cisco Unified MeetingPlace 7 before 7.0(2.3) hotfix 5F, 6 before 6.0.639.3, and possibly 5 allow remote attackers to create (1) user or (2) administrator accounts via a crafted URL in a request to the internal interface, aka Bug IDs CSCtc59231 and CSCtd40661.

Affected configurations

NVD

Node

ciscounified_meetingplaceMatch5.2

ciscounified_meetingplaceMatch5.3

ciscounified_meetingplaceMatch5.4

ciscounified_meetingplaceMatch6.0

ciscounified_meetingplaceMatch7.0

ciscounified_meetingplaceMatch7.0.1

ciscounified_meetingplaceMatch7.0.2

CPENameOperatorVersion
cisco:unified_meetingplacecisco unified meetingplaceeq5.2
cisco:unified_meetingplacecisco unified meetingplaceeq5.3
cisco:unified_meetingplacecisco unified meetingplaceeq5.4
cisco:unified_meetingplacecisco unified meetingplaceeq6.0
cisco:unified_meetingplacecisco unified meetingplaceeq7.0
cisco:unified_meetingplacecisco unified meetingplaceeq7.0.1
cisco:unified_meetingplacecisco unified meetingplaceeq7.0.2

CPE	Name	Operator	Version
cisco:unified_meetingplace	cisco unified meetingplace	eq	5.2
cisco:unified_meetingplace	cisco unified meetingplace	eq	5.3
cisco:unified_meetingplace	cisco unified meetingplace	eq	5.4
cisco:unified_meetingplace	cisco unified meetingplace	eq	6.0
cisco:unified_meetingplace	cisco unified meetingplace	eq	7.0
cisco:unified_meetingplace	cisco unified meetingplace	eq	7.0.1
cisco:unified_meetingplace	cisco unified meetingplace	eq	7.0.2