CVE-2015-4208
Cisco WebEx Meeting Center - Exposure of Sensitive Information via URL Parameter
Title source: llmDescription
Cisco WebEx Meeting Center does not properly restrict the content of URLs in GET requests, which allows remote attackers to obtain sensitive information or conduct SQL injection attacks via vectors involving read access to a request, aka Bug ID CSCup88398.
References (3)
Core 3
Core References
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/viewAlert.x?alertId=39458
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/75361
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1032705
Scores
EPSS
0.0255
EPSS Percentile
83.2%
Details
CWE
CWE-200
CWE-89
Status
published
Products (1)
cisco/webex_meeting_center
Published
Jun 24, 2015
Tracked Since
Feb 18, 2026