CVE-2015-4276 — Improper Input Validation in Cisco Webex Meetings Server

CWE-20 — Improper Input Validation4 documents4 sources
Severity
6.5MEDIUMNVD
EPSS
1.2%
top 21.02%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Webex Meetings Server
Timeline
PublishedJul 16
Latest updateMay 17

Description

Cisco WebEx Meetings Server 2.5MR1 allows remote authenticated users to execute arbitrary code via a crafted command parameter, aka Bug ID CSCus56138.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 8.0 | Impact: 6.4

Affected Packages1 packages

â–¶NVDcisco/webex_meetings_server2.5\(1\)

🔴Vulnerability Details

2
GHSA
GHSA-6jh7-v9q8-2jq6: Cisco WebEx Meetings Server 2↗2022-05-17
â–¶
CVEList
CVE-2015-4276: Cisco WebEx Meetings Server 2↗2015-07-16
â–¶

📋Vendor Advisories

1
Cisco
Cisco WebEx Meetings Server Remote Code Execution Vulnerability↗2015-07-15
â–¶
CVE-2015-4276 — Improper Input Validation in Cisco | cvebase