admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-29 01:31:47 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2016/6xxx/CVE-2016-6445.json
CVE Team c59d61c16f
"-Synchronized-Data."
2019-03-18 02:18:53 +00:00

72 lines
2.6 KiB
JSON
Raw Blame History

{
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2016-6445",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Meeting Server (CMS) before 2.0.6 and Acano Server before 1.8.18 and 1.9.x before 1.9.6",
"version": {
"version_data": [
{
"version_value": "Cisco Meeting Server (CMS) before 2.0.6 and Acano Server before 1.8.18 and 1.9.x before 1.9.6"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) service of the Cisco Meeting Server (CMS) before 2.0.6 and Acano Server before 1.8.18 and 1.9.x before 1.9.6 could allow an unauthenticated, remote attacker to masquerade as a legitimate user. This vulnerability is due to the XMPP service incorrectly processing a deprecated authentication scheme. A successful exploit could allow an attacker to access the system as another user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "unspecified"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161012-msc",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161012-msc"
},
{
"name": "1037000",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037000"
},
{
"name": "93517",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93517"
}
]
}
}
Reference in New Issue View Git Blame Copy Permalink