Cisco Unified MeetingPlace Information Leakage Vulnerability (CVE-2015-0763)
Cisco Unified MeetingPlace Information Leakage Vulnerability (CVE-2015-0763)
Release date:
Updated on:
Affected Systems:
Cisco uniied MeetingPlace 8.6 (1.2)
Description:
Bugtraq id: 74955
CVE (CAN) ID: CVE-2015-0763
The Cisco Unified MeetingPlace conferencing solution allows organizations to host integrated voice, video, and web meetings.
Cisco uniied MeetingPlace 8.6 (1.2) does not correctly verify the session ID in the http URL. Remote attackers can exploit this vulnerability to obtain sensitive session information by constructing a URL.
<* Source: Cisco
*>
Suggestion:
Vendor patch:
Cisco
-----
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:
Http://tools.cisco.com/security/center/viewAlert.x? AlertId = 39162
This article permanently updates the link address: