Description
The web server in Cisco Unified MeetingPlace 6.1 and 8.5 produces different responses for directory queries depending on whether the directory exists, which allows remote attackers to enumerate directory names via a series of queries, aka Bug ID CSCtt94070.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/53432
Vendor Advisory x_refsource_confirm
http://www.cisco.com/en/US/docs/voice_ip_comm/meetingplace/6_1/release_notes/mp61_rn.pdf
Scores
EPSS
0.0117
EPSS Percentile
63.7%
Details
CWE
CWE-200
Status
published
Products (2)
cisco/unified_meetingplace
6.1
cisco/unified_meetingplace
8.5
Published
May 03, 2012
Tracked Since
Feb 18, 2026