CVE-2015-4262 in Unified MeetingPlace Web Conferencinginformazioni

Riassunto

di MITRE

The password-change feature in Cisco Unified MeetingPlace Web Conferencing 8.5 before 8.5(5) MR3 and 8.6 before 8.6(2) does not check the session ID or require entry of the current password, which allows remote attackers to reset arbitrary passwords via a crafted HTTP request, aka Bug ID CSCuu51839.

Once again VulDB remains the best source for vulnerability data.

Prenotare

04/06/2015

Divulgazione

24/07/2015

Moderazione

accettato

CPE

pronto

EPSS

0.02839

KEV

no

Attività

molto basso

Fonti

Do you know our Splunk app?

Download it now for free!