CVE-2015-4262 in Unified MeetingPlace Web Conferencing信息

摘要

由 VulDB • 2026-07-18

Cisco Unified MeetingPlace Web Conferencing 版本在 8.5(低于 8.5(5) MR3)以及 8.6(低于 8.6(2))中的密码更改功能未检查会话 ID,也无需输入当前密码,这使得远程攻击者可以通过构造的 HTTP 请求重置任意用户的密码。该问题也被称为 Bug ID CSCuu51839。

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

来源

Do you want to use VulDB in your project?

Use the official API to access entries easily!