Vulnerability Description
The Forgot Password feature in Cisco WebEx Meetings Server 1.5(.1.131) and earlier allows remote attackers to enumerate administrative accounts via crafted packets, aka Bug IDs CSCuj67166 and CSCuj67159.
CVSS Score
5.0
MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Webex Meetings Server | <= 1.5\(.1.131\) |
Related Weaknesses (CWE)
References
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0597Vendor Advisory
- http://tools.cisco.com/security/center/viewAlert.x?alertId=37240Vendor Advisory
- http://www.securityfocus.com/bid/72373Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1031678Third Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/100658
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0597Vendor Advisory
- http://tools.cisco.com/security/center/viewAlert.x?alertId=37240Vendor Advisory
- http://www.securityfocus.com/bid/72373Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1031678Third Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/100658
FAQ
What is CVE-2015-0597?
CVE-2015-0597 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The Forgot Password feature in Cisco WebEx Meetings Server 1.5(.1.131) and earlier allows remote attackers to enumerate administrative accounts via crafted packets, aka Bug IDs CSCuj67166 and CSCuj671...
How severe is CVE-2015-0597?
CVE-2015-0597 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-0597?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Webex Meetings Server.