CVE-2010-0141

2010-01-2820:30:00

CWE-255

[email protected]

web.nvd.nist.gov

cisco

meetingplace

vulnerability

remote attack

discovery

authentication

bug id

cscsv76935

7.1 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.002 Low

EPSS

Percentile

59.7%

JSON

MeetingTime in Cisco Unified MeetingPlace 6 before MR5, and possibly 5, allows remote attackers to discover usernames, passwords, and unspecified other data from the user database via a modified authentication sequence to the Audio Server, aka Bug ID CSCsv76935.

CPENameOperatorVersion
cisco:unified_meetingplacecisco unified meetingplaceeq6.0.244
cisco:unified_meetingplacecisco unified meetingplaceeq6.0.170.0
cisco:unified_meetingplacecisco unified meetingplaceeq6.0

CPE	Name	Operator	Version
cisco:unified_meetingplace	cisco unified meetingplace	eq	6.0.244
cisco:unified_meetingplace	cisco unified meetingplace	eq	6.0.170.0
cisco:unified_meetingplace	cisco unified meetingplace	eq	6.0