CVE-2015-0589

2015-02-0715:59:06

CWE-20

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

AI Score

7.3

Confidence

Low

EPSS

0.003

Percentile

71.4%

JSON

The administrative web interface in Cisco WebEx Meetings Server 1.0 through 1.5 allows remote authenticated users to execute arbitrary OS commands with root privileges via unspecified fields, aka Bug ID CSCuj40460.

Affected configurations

Nvd

Node

ciscowebex_meetings_serverMatch1.0

ciscowebex_meetings_serverMatch1.1

ciscowebex_meetings_serverMatch1.5

VendorProductVersionCPE
ciscowebex_meetings_server1.0cpe:2.3:a:cisco:webex_meetings_server:1.0:*:*:*:*:*:*:*
ciscowebex_meetings_server1.1cpe:2.3:a:cisco:webex_meetings_server:1.1:*:*:*:*:*:*:*
ciscowebex_meetings_server1.5cpe:2.3:a:cisco:webex_meetings_server:1.5:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	webex_meetings_server	1.0	cpe:2.3:a:cisco:webex_meetings_server:1.0:::::::*
cisco	webex_meetings_server	1.1	cpe:2.3:a:cisco:webex_meetings_server:1.1:::::::*
cisco	webex_meetings_server	1.5	cpe:2.3:a:cisco:webex_meetings_server:1.5:::::::*