Vulnerability Description
The XMLAPI in Cisco WebEx Meetings Server 1.5(.1.131) and earlier allows remote attackers to obtain sensitive information by reading return messages from crafted GET requests, aka Bug ID CSCuj67079.
CVSS Score
5.0
MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Webex Meetings Server | <= 1.5\(.1.131\) |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/62686
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0595Vendor Advisory
- http://tools.cisco.com/security/center/viewAlert.x?alertId=37238Vendor Advisory
- http://www.securityfocus.com/bid/72370Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1031676Third Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/100667
- http://secunia.com/advisories/62686
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0595Vendor Advisory
- http://tools.cisco.com/security/center/viewAlert.x?alertId=37238Vendor Advisory
- http://www.securityfocus.com/bid/72370Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1031676Third Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/100667
FAQ
What is CVE-2015-0595?
CVE-2015-0595 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The XMLAPI in Cisco WebEx Meetings Server 1.5(.1.131) and earlier allows remote attackers to obtain sensitive information by reading return messages from crafted GET requests, aka Bug ID CSCuj67079.
How severe is CVE-2015-0595?
CVE-2015-0595 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-0595?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Webex Meetings Server.