Information disclosure in Cisco Webex_meeting_center

CVE-2015-4207

Cisco WebEx Meeting Center places a meeting's access number in a URL, which allows remote attackers to obtain sensitive information and bypass intended attendance restrictions by visiting a meeting-registration page, aka Bug ID CSCus62147.

Vulnerability class: Information Disclosure

EPSS: 0.003 (56.1th percentile) — read the EPSS interpretation.

Affected products

Cisco Webex_meeting_center
N/a — versions n/a

Weakness classification (CWE)

CWE-200 — Information Disclosure

References

75350 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_BID)
20150622 Cisco WebEx Meetings Meeting Access Number Vulnerability (x_refsource_CISCO, vendor-advisory, Vendor Advisory)
1032705 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_SECTRACK)