A vulnerability in the Representational State Transfer (REST) interface of Cisco Spark could allow an authenticated, remote malicious user to view sensitive information from the underlying operating system. The vulnerability is due to insufficient protections of sensitive data. An attacker could exploit this vulnerability by accessing a specific file and reading the sensitive information. Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-sp2
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco spark 2015-06_base |