Lucene search

CiscoCVE-2015-0589

HistoryFeb 07, 2015 - 3:59 p.m.

CVE-2015-0589

2015-02-0715:59:06

CWE-20

cisco

web.nvd.nist.gov

cisco

webex

meetings server

cve-2015-0589

security

vulnerability

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

AI Score

7.5

Confidence

Low

EPSS

0.003

Percentile

71.4%

JSON

The administrative web interface in Cisco WebEx Meetings Server 1.0 through 1.5 allows remote authenticated users to execute arbitrary OS commands with root privileges via unspecified fields, aka Bug ID CSCuj40460.

Affected configurations

Nvd

Node

ciscowebex_meetings_serverMatch1.0

ciscowebex_meetings_serverMatch1.1

ciscowebex_meetings_serverMatch1.5

VendorProductVersionCPE
ciscowebex_meetings_server1.0cpe:2.3:a:cisco:webex_meetings_server:1.0:*:*:*:*:*:*:*
ciscowebex_meetings_server1.1cpe:2.3:a:cisco:webex_meetings_server:1.1:*:*:*:*:*:*:*
ciscowebex_meetings_server1.5cpe:2.3:a:cisco:webex_meetings_server:1.5:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	webex_meetings_server	1.0	cpe:2.3:a:cisco:webex_meetings_server:1.0:::::::*
cisco	webex_meetings_server	1.1	cpe:2.3:a:cisco:webex_meetings_server:1.1:::::::*
cisco	webex_meetings_server	1.5	cpe:2.3:a:cisco:webex_meetings_server:1.5:::::::*

References

secunia.com/advisories/62799

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150204-wbx

www.securityfocus.com/bid/72493

www.securitytracker.com/id/1031692

exchange.xforce.ibmcloud.com/vulnerabilities/100719

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

AI Score

7.5

Confidence

Low

EPSS

0.003

Percentile

71.4%

JSON

Related for CVE-2015-0589