CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
EPSS
Percentile
68.4%
A vulnerability in the file URI scheme of Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to access sensitive information.
The vulnerability is due to inclusion of sensitive information in URLs. An attacker could exploit the vulnerability by viewing application URL requests that contain sensitive information.
Cisco has confirmed the vulnerability and released updated software.
To exploit the vulnerability, the attacker may need access to trusted or internal networks to view application URL requests made by the affected software. This access requirement could limit the likelihood of a successful exploit.
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | webex_meeting_center | any | cpe:2.3:a:cisco:webex_meeting_center:any:*:*:*:*:*:*:* |