Vulnerability Details : CVE-2009-0614
Unspecified vulnerability in the Web Server in Cisco Unified MeetingPlace Web Conferencing 6.0 before 6.0(517.0) (aka 6.0 MR4) and 7.0 before 7.0(2) (aka 7.0 MR1) allows remote attackers to bypass authentication and obtain administrative access via a crafted URL.
Vulnerability category: BypassGain privilege
Products affected by CVE-2009-0614
- Cisco » Unified Meetingplace Web ConferencingVersions from including (>=) 6.0\(171\) and before (<) 6.0\(517.0\)cpe:2.3:a:cisco:unified_meetingplace_web_conferencing:*:*:*:*:*:*:*:*
- Cisco » Unified Meetingplace Web ConferencingVersions from including (>=) 7.0\(1\) and before (<) 7.0\(2\)cpe:2.3:a:cisco:unified_meetingplace_web_conferencing:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2009-0614
0.38%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 72 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2009-0614
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.0
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:C |
10.0
|
8.5
|
NIST |
CWE ids for CVE-2009-0614
-
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.Assigned by: nvd@nist.gov (Primary)
References for CVE-2009-0614
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/48888
VDB Entry
-
http://www.cisco.com/en/US/products/products_security_advisory09186a0080a7bc86.shtml
Vendor Advisory
-
http://www.securityfocus.com/bid/33901
Third Party Advisory;VDB Entry
Jump to