Published: 02/02/2015 Updated: 08/09/2017

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

The Forgot Password feature in Cisco WebEx Meetings Server 1.5(.1.131) and previous versions allows remote malicious users to enumerate administrative accounts via crafted packets, aka Bug IDs CSCuj67166 and CSCuj67159.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco webex meetings server

A vulnerability in the Forgot Password process of the Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to enumerate a valid administrator account The vulnerability is due to insufficient user input validation An attacker could exploit this vulnerability by submitting crafted packets to a vulnerable device Cisco has c ...

CWE-200 CWE-20 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0597 http://tools.cisco.com/security/center/viewAlert.x?alertId=37240 http://www.securityfocus.com/bid/72373 http://www.securitytracker.com/id/1031678 https://exchange.xforce.ibmcloud.com/vulnerabilities/100658 https://nvd.nist.gov http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20150130-CVE-2015-0597

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2015-0597

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect