4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
0.001 Low
EPSS
Percentile
49.0%
A vulnerability in the web framework of Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to view sensitive information.
The vulnerability occurs because sensitive information is passed in a query string. An attacker could exploit this vulnerability by viewing application URL requests that contain the sensitive information.
Cisco has confirmed the vulnerability in a security notice; however, software updates are not available.
To exploit the vulnerability, the attacker may provide a link that directs a user to a malicious site and use misleading language or instructions to persuade the user to follow the provided link.
CPE | Name | Operator | Version |
---|---|---|---|
cisco webex meetings server | eq | any | |
cisco webex meetings server | eq | any |