Lucene search

K
cve[email protected]CVE-2011-4232
HistoryMay 03, 2012 - 10:11 a.m.

CVE-2011-4232

2012-05-0310:11:39
CWE-200
web.nvd.nist.gov
19
cisco
unified meetingplace
web server
directory enumeration
vulnerability
cve-2011-4232
nvd
bug id csctt94070

6.8 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

67.8%

The web server in Cisco Unified MeetingPlace 6.1 and 8.5 produces different responses for directory queries depending on whether the directory exists, which allows remote attackers to enumerate directory names via a series of queries, aka Bug ID CSCtt94070.

Affected configurations

NVD
Node
ciscounified_meetingplaceMatch6.1
OR
ciscounified_meetingplaceMatch8.5

6.8 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

67.8%

Related for CVE-2011-4232