Vulnerability Description
Multiple unspecified vulnerabilities in the web server in Cisco Unified MeetingPlace 7 before 7.0(2.3) hotfix 5F, 6 before 6.0.639.3, and possibly 5 allow remote attackers to create (1) user or (2) administrator accounts via a crafted URL in a request to the internal interface, aka Bug IDs CSCtc59231 and CSCtd40661.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Unified Meetingplace | 5.2 |
References
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1490b.sPatchVendor Advisory
- http://www.securityfocus.com/bid/37965
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1490b.sPatchVendor Advisory
- http://www.securityfocus.com/bid/37965
FAQ
What is CVE-2010-0140?
CVE-2010-0140 is a vulnerability with a CVSS score of 10.0 (HIGH). Multiple unspecified vulnerabilities in the web server in Cisco Unified MeetingPlace 7 before 7.0(2.3) hotfix 5F, 6 before 6.0.639.3, and possibly 5 allow remote attackers to create (1) user or (2) ad...
How severe is CVE-2010-0140?
CVE-2010-0140 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-0140?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Unified Meetingplace.