Cisco » Unified Meetingplace : Security Vulnerabilities, CVEs, (Information Leak)

CVE-2015-4214

Cisco Unified MeetingPlace 8.6(1.2) and 8.6(1.9) allows remote authenticated users to discover cleartext passwords by reading HTML source code, aka Bug ID CSCuu33050.
Max CVSS
4.0
EPSS Score
0.08%
Published
2015-06-24
Updated
2016-12-28

CVE-2015-0764

Cisco Unified MeetingPlace 8.6(1.9) allows remote attackers to read arbitrary files via a crafted resource request, aka Bug ID CSCus95603.
Max CVSS
5.0
EPSS Score
0.12%
Published
2015-06-04
Updated
2017-01-04

CVE-2015-0763

Cisco Unified MeetingPlace 8.6(1.2) does not properly validate session IDs in http URLs, which allows remote attackers to obtain sensitive session information via a crafted URL, aka Bug ID CSCuu60338.
Max CVSS
5.0
EPSS Score
0.12%
Published
2015-06-04
Updated
2017-01-04

CVE-2015-0758

The web-based user interface in Cisco Unified MeetingPlace 8.6(1.9) allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCus97452.
Max CVSS
4.0
EPSS Score
0.10%
Published
2015-05-30
Updated
2017-01-04

CVE-2011-4232

The web server in Cisco Unified MeetingPlace 6.1 and 8.5 produces different responses for directory queries depending on whether the directory exists, which allows remote attackers to enumerate directory names via a series of queries, aka Bug ID CSCtt94070.
Max CVSS
5.0
EPSS Score
0.27%
Published
2012-05-03
Updated
2012-05-30
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close