CVE-2015-4262
CVE-2015-4262 affects Cisco Unified MeetingPlace Web Conferencing. The password-change function does not verify the session ID or require the current password, enabling a remote attacker to reset arbitrary user passwords through a crafted HTTP request. Affected versions include 8.5(5) MR3 and 8.6...