Lucene search
CiscoCVE-2015-4208HistoryJun 24, 2015 - 10:59 a.m.
CVE-2015-4208
2015-06-2410:59:05
CWE-89
CWE-200
cisco
web.nvd.nist.gov
31
cisco
webex
meeting center
url restriction
bypass
cve-2015-4208
sql injection
bug id cscup88398
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7
Confidence
Low
EPSS
0.002
Percentile
61.0%
Cisco WebEx Meeting Center does not properly restrict the content of URLs in GET requests, which allows remote attackers to obtain sensitive information or conduct SQL injection attacks via vectors involving read access to a request, aka Bug ID CSCup88398.
Affected configurations
Node
ciscowebex_meeting_centerMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | webex_meeting_center | - | cpe:2.3:a:cisco:webex_meeting_center:-:*:*:*:*:*:*:* |
Related
cisco
cisco
Cisco WebEx Meeting Center GET Parameter Vulnerability
2015-06-23 14:47:53
cvelist
cvelist
CVE-2015-4208
2015-06-24 10:00:00
nvd
nvd
CVE-2015-4208
2015-06-24 10:59:05
prion
prion
Sql injection
2015-06-24 10:59:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7
Confidence
Low
EPSS
0.002
Percentile
61.0%
Related for CVE-2015-4208