9

CVE-2009-0614

Unspecified vulnerability in the Web Server in Cisco Unified MeetingPlace Web Conferencing 6.0 before 6.0(517.0) (aka 6.0 MR4) and 7.0 before 7.0(2) (aka 7.0 MR1) allows remote attackers to bypass authentication and obtain administrative access via a crafted URL.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
CiscoUnified Meetingplace Web Conferencing Version >= 6.0\(171\) < 6.0\(517.0\)
CiscoUnified Meetingplace Web Conferencing Version >= 7.0\(1\) < 7.0\(2\)
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.55% 0.83
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9 10 8.5
AV:N/AC:L/Au:N/C:P/I:P/A:C
CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

http://www.cisco.com/en/US/products/products_security_advisory09186a0080a7bc86.shtml
Vendor Advisory
http://www.securityfocus.com/bid/33901
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/48888
VDB Entry