fkie_nvd - fkie_cve-2015-0668

fkie_cve-2015-0668

Vulnerability from fkie_nvd

Published

2015-03-20 01:59

Modified

2025-04-12 10:46

Severity ?

Summary

Cross-site scripting (XSS) vulnerability in the administration portal in Cisco WebEx Meetings Server 2.5 and 2.5.99.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCuq66737.

References

URL	Tags
psirt@cisco.com	http://tools.cisco.com/security/center/viewAlert.x?alertId=37934	Vendor Advisory
psirt@cisco.com	http://www.securitytracker.com/id/1031968
af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/viewAlert.x?alertId=37934	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1031968

Impacted products

	Vendor	Product	Version
	cisco	webex_meetings_server	2.5
	cisco	webex_meetings_server	2.5.99.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0ED83971-571B-4756-A0ED-A57D2D2E16A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.5.99.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8289371-84B7-4342-9EA6-2844A9C5DCDB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in the administration portal in Cisco WebEx Meetings Server 2.5 and 2.5.99.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCuq66737."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad XSS en el portal de administraci\u00f3n de Cisco WebEx Meetings Server 2.5 y 2.5.99.2 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s de vectores no especificados, tambi\u00e9n conocido como Bug ID CSCuq66737."
    }
  ],
  "id": "CVE-2015-0668",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2015-03-20T01:59:00.063",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=37934"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id/1031968"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=37934"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1031968"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2015-0668 (GCVE-0-2015-0668)

Vulnerability from cvelistv5

Published

2015-03-20 01:00