Lucene search

CiscoCVE-2015-0595

HistoryFeb 02, 2015 - 1:59 a.m.

CVE-2015-0595

2015-02-0201:59:06

CWE-200

cisco

web.nvd.nist.gov

cisco

webex

meetings

server

xmlapi

information disclosure

vulnerability

cve-2015-0595

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.3

Confidence

Low

EPSS

0.003

Percentile

70.4%

JSON

The XMLAPI in Cisco WebEx Meetings Server 1.5(.1.131) and earlier allows remote attackers to obtain sensitive information by reading return messages from crafted GET requests, aka Bug ID CSCuj67079.

Affected configurations

Nvd

Node

ciscowebex_meetings_serverRange≤1.5\(.1.131\)

VendorProductVersionCPE
ciscowebex_meetings_server*cpe:2.3:a:cisco:webex_meetings_server:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	webex_meetings_server	*	cpe:2.3:a:cisco:webex_meetings_server::::::::

References

secunia.com/advisories/62686

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0595

tools.cisco.com/security/center/viewAlert.x?alertId=37238

www.securityfocus.com/bid/72370

www.securitytracker.com/id/1031676

exchange.xforce.ibmcloud.com/vulnerabilities/100667

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.3

Confidence

Low

EPSS

0.003

Percentile

70.4%

JSON

Related for CVE-2015-0595