CVE-2015-4218Sensitive Information Exposure in Cisco Jabber

CWE-200Sensitive Information Exposure4 documents4 sources
Severity
5.0MEDIUMNVD
EPSS
0.4%
top 37.49%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Jabber
Timeline
PublishedJun 24
Latest updateMay 17

Description

The web-based user interface in Cisco Jabber through 9.6(3) and 9.7 through 9.7(5) on Windows allows remote attackers to obtain sensitive information via a crafted value in a GET request, aka Bug IDs CSCuu65622 and CSCuu70858.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDcisco/jabber10 versions+9

🔴Vulnerability Details

2
GHSA
GHSA-7c78-wvwc-9rw6: The web-based user interface in Cisco Jabber through 92022-05-17
CVEList
CVE-2015-4218: The web-based user interface in Cisco Jabber through 92015-06-24

📋Vendor Advisories

1
Cisco
Cisco Jabber for Windows Web-Based User Interface Information Disclosure Vulnerability2015-06-23
CVE-2015-4218 — Sensitive Information Exposure in Cisco | cvebase