CVE-2015-0595

Published: Feb 2, 2015Modified: May 6, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

The XMLAPI in Cisco WebEx Meetings Server 1.5(.1.131) and earlier allows remote attackers to obtain sensitive information by reading return messages from crafted GET requests, aka Bug ID CSCuj67079.

Affected (1)

Products: Cisco: Webex Meetings Server

Cisco

1 product

Webex Meetings Server

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Cisco Webex Meetings Server	Up to 1.5\(.1.131\)

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (12)

http://secunia.com/advisories/62686

Source: psirt@cisco.com

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0595

Source: psirt@cisco.com

Vendor Advisory

http://tools.cisco.com/security/center/viewAlert.x?alertId=37238

Source: psirt@cisco.com

Vendor Advisory

http://www.securityfocus.com/bid/72370

Source: psirt@cisco.com

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1031676

Source: psirt@cisco.com

Third Party AdvisoryVDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/100667

Source: psirt@cisco.com

http://secunia.com/advisories/62686