Information Disclosure in Cisco Unified MeetingPlace by Cisco Systems
CVE-2015-4214

Currently unrated

Key Information:

Vendor: Cisco
Status: Unified Meetingplace
Vendor: CVE Published:; 24 June 2015

What is CVE-2015-4214?

The Cisco Unified MeetingPlace versions 8.6(1.2) and 8.6(1.9) are affected by an information disclosure vulnerability that allows remote authenticated users to access cleartext passwords by examining the HTML source code of the application. This security flaw could lead to unauthorized information exposure, compromising user credentials and potentially leading to further security risks within the system.

References

http://www.securityfocus.com/bid/75380

vdb-entryx_refsource_BID

http://tools.cisco.com/security/center/viewAlert.x?alertI...

vendor-advisoryx_refsource_CISCO

http://www.securitytracker.com/id/1032703

vdb-entryx_refsource_SECTRACK

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 24, 2015
Vulnerability Reserved
Jun 4, 2015