Unauthorized Password Change in Cisco Unified MeetingPlace Web Conferencing
CVE-2015-4262

Currently unrated

Key Information:

Vendor: Cisco
Status: Unified Meetingplace Web Conferencing
Vendor: CVE Published:; 24 July 2015

What is CVE-2015-4262?

The password-change functionality in Cisco Unified MeetingPlace Web Conferencing versions prior to 8.5(5) MR3 and 8.6 before 8.6(2) is flawed, as it does not verify the session ID or mandate entry of the current password. This security weakness allows remote attackers to craft HTTP requests that can reset user passwords arbitrarily.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://www.securitytracker.com/id/1033024

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Jul 24, 2015
Vulnerability Reserved
Jun 4, 2015

JSON

Cisco

What is CVE-2015-4262?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.