CVE-2010-0140

Multiple unspecified vulnerabilities in the web server in Cisco Unified MeetingPlace 7 before 7.0(2.3) hotfix 5F, 6 before 6.0.639.3, and possibly 5 allow remote attackers to create (1) user or (2) administrator accounts via a crafted URL in a request to the internal interface, aka Bug IDs CSCtc59231 and CSCtd40661.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 73%
VendorProductVersion
ciscounified_meetingplace
5.2
ciscounified_meetingplace
5.3
ciscounified_meetingplace
5.4
ciscounified_meetingplace
6.0
ciscounified_meetingplace
7.0
ciscounified_meetingplace
7.0.1
ciscounified_meetingplace
7.0.2
𝑥
= Vulnerable software versions
References
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1490b.shtml
http://www.securityfocus.com/bid/37965
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1490b.shtml
http://www.securityfocus.com/bid/37965