admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2015/CVE-2015-42xx/CVE-2015-4262.json
cad-safe-bot 0c245865ae Auto-Update: 2025-01-26T03:00:19.791548+00:00
2025-01-26 03:03:52 +00:00

178 lines
6.9 KiB
JSON
Raw Blame History

{
"id": "CVE-2015-4262",
"sourceIdentifier": "psirt@cisco.com",
"published": "2015-07-24T14:59:02.227",
"lastModified": "2024-11-21T02:30:43.680",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The password-change feature in Cisco Unified MeetingPlace Web Conferencing before 8.5(5) MR3 and 8.6 before 8.6(2) does not check the session ID or require entry of the current password, which allows remote attackers to reset arbitrary passwords via a crafted HTTP request, aka Bug ID CSCuu51839."
},
{
"lang": "es",
"value": "Vulnerabilidad en la funcionalidad password-change en Cisco Unified MeetingPlace Web Conferencing en versiones anteriores a la 8.5(5) MR3 y 8.6 anteriores a la 8.6(2), no comprueba el ID de sesi\u00f3n o exige el ingreso de la contrase\u00f1a actual, lo cual permite a atacantes remotos reiniciar arbitrariamente las contrase\u00f1as a trav\u00e9s de una petici\u00f3n HTTP manipulada, tambi\u00e9n conocido como Bug ID CSCuu51839."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"baseScore": 10.0,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-255"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:unified_meetingplace_web_conferencing:6.0.417.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B3D3E512-2A9F-43E0-A363-A9B7D81C2922"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:unified_meetingplace_web_conferencing:6.0_base:*:*:*:*:*:*:*",
"matchCriteriaId": "54B1E218-B378-4119-A439-23E74EA008C3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:unified_meetingplace_web_conferencing:7.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2BAD75EE-2B65-4E15-BCCD-02710E8FAECB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:unified_meetingplace_web_conferencing:7.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "13A4496E-D15C-4506-8551-A29C49533573"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:unified_meetingplace_web_conferencing:7.0\\(2\\)_sr1:*:*:*:*:*:*:*",
"matchCriteriaId": "33682A2F-B5C4-4AEF-915E-DCDAE8A09891"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:unified_meetingplace_web_conferencing:7.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D4D15FA7-CFDB-4DAD-854A-DF84B02ADEF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:unified_meetingplace_web_conferencing:7.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "449923E2-5772-400B-A353-0634774946AD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:unified_meetingplace_web_conferencing:7.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "413A2232-EF73-4A00-96DF-F1BE3A12A532"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:unified_meetingplace_web_conferencing:8.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "69F97EA5-2520-4CD7-A4E8-BCBA3725A6F8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:unified_meetingplace_web_conferencing:8.0\\(1\\)_sr1:*:*:*:*:*:*:*",
"matchCriteriaId": "C7A3E983-29CD-4A3C-B0AF-DE9C904A83EA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:unified_meetingplace_web_conferencing:8.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E32E4F4B-F093-47BE-B57B-0BD373E82BE6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:unified_meetingplace_web_conferencing:8.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2593F2B4-9583-4B58-8DE0-95C51DB21751"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:unified_meetingplace_web_conferencing:8.5\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B2DB0F2C-AE4A-44E2-BCD1-6A6E642A3C4D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:unified_meetingplace_web_conferencing:8.5\\(2\\)_sr1:*:*:*:*:*:*:*",
"matchCriteriaId": "19D5C268-DC1A-47A5-89C1-E55AD534158E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:unified_meetingplace_web_conferencing:8.5\\(2\\)_sr2:*:*:*:*:*:*:*",
"matchCriteriaId": "6F823F50-D4E5-41D5-84A9-3ECB76028293"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:unified_meetingplace_web_conferencing:8.5\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9819C361-160B-46EE-818F-E25FF7DDA0F0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:unified_meetingplace_web_conferencing:8.5\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "525417A0-E568-43AB-8BE4-6C1F93F6D935"
}
]
}
]
}
],
"references": [
{
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150722-mp",
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.securitytracker.com/id/1033024",
"source": "psirt@cisco.com"
},
{
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150722-mp",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.securitytracker.com/id/1033024",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}
Reference in New Issue View Git Blame Copy Permalink