- Description
- The Event Center module in Cisco WebEx Meetings Server does not perform request authentication in all intended circumstances, which allows remote attackers to discover host keys and event passwords via crafted URLs, aka Bug ID CSCue62485.
- Source
- ykramarz@cisco.com
- NVD status
- Analyzed
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:P/I:N/A:N
- nvd@nist.gov
- CWE-287
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:webex_meetings_server:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9FE5F3F6-C7AE-4384-B58D-F0506719E35C"
}
],
"operator": "OR"
}
]
}
]