Lucene search

[email protected]CVE-2015-0597

HistoryFeb 02, 2015 - 1:59 a.m.

CVE-2015-0597

2015-02-0201:59:08

CWE-20

CWE-200

[email protected]

web.nvd.nist.gov

cve-2015-0597

cisco

webex meetings server

remote attackers

administrative accounts

security vulnerability

6.9 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

61.0%

JSON

The Forgot Password feature in Cisco WebEx Meetings Server 1.5(.1.131) and earlier allows remote attackers to enumerate administrative accounts via crafted packets, aka Bug IDs CSCuj67166 and CSCuj67159.

Affected configurations

NVD

Node

ciscowebex_meetings_serverRange≤1.5\(.1.131\)

CPENameOperatorVersion
cisco:webex_meetings_servercisco webex meetings serverle1.5\(.1.131\)

CPE	Name	Operator	Version
cisco:webex_meetings_server	cisco webex meetings server	le	1.5\(.1.131\)

References

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0597

tools.cisco.com/security/center/viewAlert.x?alertId=37240

www.securityfocus.com/bid/72373

www.securitytracker.com/id/1031678

exchange.xforce.ibmcloud.com/vulnerabilities/100658

6.9 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

61.0%

JSON

Related for CVE-2015-0597

cisco1 prion1 cvelist1 nvd1