Vulnerability Details : CVE-2015-0595
The XMLAPI in Cisco WebEx Meetings Server 1.5(.1.131) and earlier allows remote attackers to obtain sensitive information by reading return messages from crafted GET requests, aka Bug ID CSCuj67079.
Products affected by CVE-2015-0595
- cpe:2.3:a:cisco:webex_meetings_server:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2015-0595
0.61%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 67 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2015-0595
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
10.0
|
2.9
|
NIST |
CWE ids for CVE-2015-0595
-
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-0595
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/100667
Cisco WebEx Meetings Server XML API information disclosure CVE-2015-0595 Vulnerability Report
-
http://tools.cisco.com/security/center/viewAlert.x?alertId=37238
Cisco WebEx Meetings Server XMLAPI VulnerabilityVendor Advisory
-
http://www.securitytracker.com/id/1031676
Cisco WebEx Meetings Server Flaw in XML API Lets Remote Users Obtain Potentially Sensitive Information - SecurityTrackerThird Party Advisory;VDB Entry
-
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0595
Cisco WebEx Meetings Server XMLAPI VulnerabilityVendor Advisory
-
http://www.securityfocus.com/bid/72370
Cisco WebEx Meetings Server CVE-2015-0595 Information Disclosure VulnerabilityThird Party Advisory;VDB Entry
-
http://secunia.com/advisories/62686
Sign in
Jump to