CVE-2015-4218

Published Jun 24, 2015

Last updated 8 years ago

Overview

Description: The web-based user interface in Cisco Jabber through 9.6(3) and 9.7 through 9.7(5) on Windows allows remote attackers to obtain sensitive information via a crafted value in a GET request, aka Bug IDs CSCuu65622 and CSCuu70858.
Source: ykramarz@cisco.com
NVD status: Analyzed

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-200

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:jabber:9.6\\(0\\):*:*:*:*:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "46AFE274-98F7-4EAC-B5BC-7E2E37AE06AC"
          },
          {
            "criteria": "cpe:2.3:a:cisco:jabber:9.6\\(1\\):*:*:*:*:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "775A873A-D368-471F-991C-915D787847BF"
          },
          {
            "criteria": "cpe:2.3:a:cisco:jabber:9.6\\(2\\):*:*:*:*:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "822DC885-020C-46D3-8E39-A76420E36DC4"
          },
          {
            "criteria": "cpe:2.3:a:cisco:jabber:9.6\\(3\\):*:*:*:*:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "82C41667-D1C8-4C5B-822A-1D5AFBA6ECE4"
          },
          {
            "criteria": "cpe:2.3:a:cisco:jabber:9.7\\(0\\):*:*:*:*:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "01D71E7C-F3B7-49C7-8CE6-4FA9C6B8F4B7"
          },
          {
            "criteria": "cpe:2.3:a:cisco:jabber:9.7\\(1\\):*:*:*:*:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C5A9C5C8-D379-454D-BAD9-E254D83285F6"
          },
          {
            "criteria": "cpe:2.3:a:cisco:jabber:9.7\\(2\\):*:*:*:*:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "65635A3B-0471-4115-8C6D-6609AD0D3FE1"
          },
          {
            "criteria": "cpe:2.3:a:cisco:jabber:9.7\\(3\\):*:*:*:*:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A175FC00-EFFF-47EF-B6AF-CC7A504D861D"
          },
          {
            "criteria": "cpe:2.3:a:cisco:jabber:9.7\\(4\\):*:*:*:*:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A3D81AD5-AF7D-4D02-951A-20CBC4735A2C"
          },
          {
            "criteria": "cpe:2.3:a:cisco:jabber:9.7\\(5\\):*:*:*:*:windows:*:*",
            "vulnerable": true,
            "matchCriteriaId": "76203F9C-F114-4DFE-BDC9-91F021EDE58E"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References