Sign-up

ID

VAR-201501-0220


CVE

CVE-2015-0583


TITLE

Cisco WebEx Meeting Center Vulnerability in which important information is obtained

Trust: 0.8

sources: JVNDB: JVNDB-2015-001042

DESCRIPTION

Cisco WebEx Meeting Center does not properly restrict the content of URLs, which allows remote attackers to obtain sensitive information via vectors related to file: URIs, aka Bug ID CSCus18281. Vendors have confirmed this vulnerability Bug ID CSCus18281 It is released as.Important information may be obtained by a third party. Cisco WebEx Meetings Server is prone to an information-disclosure vulnerability. An attacker can exploit this issue to obtain sensitive information that may aid in further attacks. This issue is being tracked by Cisco bug ID CSCus18281. Cisco WebEx Meeting Center is an online meeting product in a set of WebEx meeting solutions of Cisco (Cisco). The product invites others to join the meeting via email or instant messaging (IM), enabling online product demonstrations, information sharing, and more

Trust: 1.98

sources: NVD: CVE-2015-0583 // JVNDB: JVNDB-2015-001042 // BID: 72012 // VULHUB: VHN-78529

AFFECTED PRODUCTS

vendor:ciscomodel:webex meeting centerscope:eqversion: -

Trust: 1.6

vendor:ciscomodel:webex meeting centerscope: - version: -

Trust: 0.8

vendor:ciscomodel:webex meetings serverscope:eqversion:0

Trust: 0.3

sources: BID: 72012 // JVNDB: JVNDB-2015-001042 // CNNVD: CNNVD-201501-306 // NVD: CVE-2015-0583

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2015-0583
value: MEDIUM

Trust: 1.0

NVD: CVE-2015-0583
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201501-306
value: MEDIUM

Trust: 0.6

VULHUB: VHN-78529
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2015-0583
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-78529
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-78529 // JVNDB: JVNDB-2015-001042 // CNNVD: CNNVD-201501-306 // NVD: CVE-2015-0583

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.9

sources: VULHUB: VHN-78529 // JVNDB: JVNDB-2015-001042 // NVD: CVE-2015-0583

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201501-306

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201501-306

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2015-001042

PATCH
title:Cisco WebEx Meetings Server Information Disclosure Vulnerabilityurl:http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0583
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2015-001042

EXTERNAL IDS
db:NVDid:CVE-2015-0583
Trust: 2.8
db:BIDid:72012
Trust: 1.4
db:JVNDBid:JVNDB-2015-001042
Trust: 0.8
db:CNNVDid:CNNVD-201501-306
Trust: 0.6
db:VULHUBid:VHN-78529
Trust: 0.1
sources:
            
            
            VULHUB: VHN-78529 // 
            
            
            
            BID: 72012 // 
            
            
            
            JVNDB: JVNDB-2015-001042 // 
            
            
            
            CNNVD: CNNVD-201501-306 // 
            
            
            
            NVD: CVE-2015-0583

REFERENCES
url:http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2015-0583
Trust: 1.7
url:http://www.securityfocus.com/bid/72012
Trust: 1.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/100565
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0583
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-0583
Trust: 0.8
url:http://www.cisco.com/
Trust: 0.3
url:http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2015-0583 
Trust: 0.3
sources:
            
            
            VULHUB: VHN-78529 // 
            
            
            
            BID: 72012 // 
            
            
            
            JVNDB: JVNDB-2015-001042 // 
            
            
            
            CNNVD: CNNVD-201501-306 // 
            
            
            
            NVD: CVE-2015-0583

CREDITS
Cisco
Trust: 0.3
sources:
            
            
            BID: 72012

SOURCES
db:VULHUBid:VHN-78529
db:BIDid:72012
db:JVNDBid:JVNDB-2015-001042
db:CNNVDid:CNNVD-201501-306
db:NVDid:CVE-2015-0583

LAST UPDATE DATE
2024-11-23T23:05:44.446000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-78529date:2017-09-08T00:00:00
db:BIDid:72012date:2015-01-12T00:00:00
db:JVNDBid:JVNDB-2015-001042date:2015-01-19T00:00:00
db:CNNVDid:CNNVD-201501-306date:2015-01-15T00:00:00
db:NVDid:CVE-2015-0583date:2024-11-21T02:23:21.670

SOURCES RELEASE DATE
db:VULHUBid:VHN-78529date:2015-01-14T00:00:00
db:BIDid:72012date:2015-01-12T00:00:00
db:JVNDBid:JVNDB-2015-001042date:2015-01-19T00:00:00
db:CNNVDid:CNNVD-201501-306date:2015-01-15T00:00:00
db:NVDid:CVE-2015-0583date:2015-01-14T19:59:04.867