CVE-2010-0142

MeetingTime in Cisco Unified MeetingPlace 6 before MR5, and possibly 5, allows remote authenticated users to gain privileges via a modified authentication sequence, aka Bug ID CSCsv66530.

CVSS v2.0 8.5 HIGH

8.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:M/Au:S/C:C/I:C/A:C

Exploitability : 6.8 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication SINGLE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1490b.shtml	Patch Vendor Advisory
http://www.securityfocus.com/bid/37965

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:cisco:unified_meetingplace:6.0:::::::*
	cpe:2.3:a:cisco:unified_meetingplace:5.3:::::::*
	cpe:2.3:a:cisco:unified_meetingplace:5.4:::::::*
	cpe:2.3:a:cisco:unified_meetingplace:5.2:::::::*

Information

Published : 2010-01-28 12:30

Updated : 2010-01-30 21:00

NVD link : CVE-2010-0142

Mitre link : CVE-2010-0142

JSON object : View

CWE

CWE-264

Permissions, Privileges, and Access Controls

Products Affected

cisco

unified_meetingplace

8.5 /10