CVE-2015-0589Improper Input Validation in Cisco Webex Meetings Server

CWE-20Improper Input Validation4 documents4 sources
Severity
9.0CRITICALNVD
EPSS
0.7%
top 27.13%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Webex Meetings Server
Timeline
PublishedFeb 7
Latest updateMay 17

Description

The administrative web interface in Cisco WebEx Meetings Server 1.0 through 1.5 allows remote authenticated users to execute arbitrary OS commands with root privileges via unspecified fields, aka Bug ID CSCuj40460.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 8.0 | Impact: 10.0

Affected Packages1 packages

NVDcisco/webex_meetings_server1.0, 1.1, 1.5+2

🔴Vulnerability Details

2
GHSA
GHSA-hggx-9h6r-3w8r: The administrative web interface in Cisco WebEx Meetings Server 12022-05-17
CVEList
CVE-2015-0589: The administrative web interface in Cisco WebEx Meetings Server 12015-02-07

📋Vendor Advisories

1
Cisco
Cisco WebEx Meetings Server Command Injection Vulnerability2015-02-04
CVE-2015-0589 — Improper Input Validation in Cisco | cvebase