Vulnerability Description
Cisco WebEx Meeting Center does not properly restrict the content of URLs in GET requests, which allows remote attackers to obtain sensitive information or conduct SQL injection attacks via vectors involving read access to a request, aka Bug ID CSCup88398.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Webex Meeting Center | - |
Related Weaknesses (CWE)
References
- http://tools.cisco.com/security/center/viewAlert.x?alertId=39458Vendor Advisory
- http://www.securityfocus.com/bid/75361Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1032705Third Party AdvisoryVDB Entry
- http://tools.cisco.com/security/center/viewAlert.x?alertId=39458Vendor Advisory
- http://www.securityfocus.com/bid/75361Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1032705Third Party AdvisoryVDB Entry
FAQ
What is CVE-2015-4208?
CVE-2015-4208 is a vulnerability with a CVSS score of 7.5 (HIGH). Cisco WebEx Meeting Center does not properly restrict the content of URLs in GET requests, which allows remote attackers to obtain sensitive information or conduct SQL injection attacks via vectors in...
How severe is CVE-2015-4208?
CVE-2015-4208 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-4208?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Webex Meeting Center.