Lucene search

[email protected]CVE-2015-0595

HistoryFeb 02, 2015 - 1:59 a.m.

CVE-2015-0595

2015-02-0201:59:00

CWE-200

[email protected]

web.nvd.nist.gov

cisco

webex

meetings

server

xmlapi

information disclosure

vulnerability

cve-2015-0595

nvd

6.4 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

69.5%

JSON

The XMLAPI in Cisco WebEx Meetings Server 1.5(.1.131) and earlier allows remote attackers to obtain sensitive information by reading return messages from crafted GET requests, aka Bug ID CSCuj67079.

CPENameOperatorVersion
cisco:webex_meetings_servercisco webex meetings serverle1.5\(.1.131\)

CPE	Name	Operator	Version
cisco:webex_meetings_server	cisco webex meetings server	le	1.5\(.1.131\)

References

secunia.com/advisories/62686

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0595

tools.cisco.com/security/center/viewAlert.x?alertId=37238

www.securityfocus.com/bid/72370

www.securitytracker.com/id/1031676

exchange.xforce.ibmcloud.com/vulnerabilities/100667

6.4 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

69.5%

JSON

Related for CVE-2015-0595

cisco1 prion1 cvelist1