Cisco WebEx Meeting Center information leakage (CVE-2016-1410)
Cisco WebEx Meeting Center information leakage (CVE-2016-1410)
Release date:
Updated on:
Affected Systems:
Cisco WebEx Meeting Center
Description:
CVE (CAN) ID: CVE-2016-1410
Cisco WebEx Meetings is a network conferencing solution.
The site access control function of Cisco WebEx Meeting Center does not validate user input. Allows unauthenticated remote attackers to enumerate valid user accounts.
<* Source: Cisco
Link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160526-wmc
*>
Suggestion:
Vendor patch:
Cisco
-----
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:
Http://tools.cisco.com/security/center/publicationListing.x #~ CiscoSecurityResponse