CVE-2015-4208

Cisco WebEx Meeting Center - Exposure of Sensitive Information via URL Parameter

Title source: llm
STIX 2.1

Description

Cisco WebEx Meeting Center does not properly restrict the content of URLs in GET requests, which allows remote attackers to obtain sensitive information or conduct SQL injection attacks via vectors involving read access to a request, aka Bug ID CSCup88398.

References (3)

Core 3
Core References
Vendor Advisory vendor-advisory x_refsource_cisco
http://tools.cisco.com/security/center/viewAlert.x?alertId=39458
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/75361
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1032705

Scores

EPSS 0.0255
EPSS Percentile 83.2%

Details

CWE
CWE-200 CWE-89
Status published
Products (1)
cisco/webex_meeting_center
Published Jun 24, 2015
Tracked Since Feb 18, 2026