user.php in Cisco WebEx Meetings Server 1.5(.1.131) and earlier does not properly implement the token timer for authenticated encryption, which allows remote attackers to obtain sensitive information via a crafted URL, aka Bug ID CSCuj81708.
CPE | Name | Operator | Version |
---|---|---|---|
webex_meetings_server | eq | 1.5.16 | |
webex_meetings_server | eq | 1.5 | |
webex_meetings_server | eq | <= 1.5.1.131 |