Published: 13/09/2013 Updated: 16/10/2013
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

administration.jsp in Cisco SocialMiner allows remote malicious users to obtain sensitive information by sniffing the network for HTTP client-server traffic, aka Bug ID CSCuh76780.

Affected Products

Vendor Product Versions

Vendor Advisories

A vulnerability in the administrationjsp page of Cisco SocialMiner could allow an unauthenticated, remote attacker to access sensitive information The vulnerability exists because the affected software implements an insecure HTTP connection between a Cisco SocialMiner client and server when handling the administrationjsp page An attacker could ...