Information disclosure in Cisco Webex_meeting_center

CVE-2015-4194

The web-based administrative interface in Cisco WebEx Meeting Center provides different error messages for failed login attempts depending on whether the username exists or corresponds to a privileged account, which allows remote attackers…

Vulnerability class: Information Disclosure

EPSS: 0.004 (62.8th percentile) — read the EPSS interpretation.

Affected products

Cisco Webex_meeting_center
N/a — versions n/a

Weakness classification (CWE)

CWE-200 — Information Disclosure

References

20150618 Cisco WebEx Meeting Center Web-Based Administrative Interface User Enumeration Vulnerability (x_refsource_CISCO, vendor-advisory, Vendor Advisory)
75296 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_BID)
1032660 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_SECTRACK)