CVE-2015-4218

EUVD-2015-4241
The web-based user interface in Cisco Jabber through 9.6(3) and 9.7 through 9.7(5) on Windows allows remote attackers to obtain sensitive information via a crafted value in a GET request, aka Bug IDs CSCuu65622 and CSCuu70858.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 62%
Affected Products (NVD)
VendorProductVersion
ciscojabber
9.6\(0\)
ciscojabber
9.6\(1\)
ciscojabber
9.6\(2\)
ciscojabber
9.6\(3\)
ciscojabber
9.7\(0\)
ciscojabber
9.7\(1\)
ciscojabber
9.7\(2\)
ciscojabber
9.7\(3\)
ciscojabber
9.7\(4\)
ciscojabber
9.7\(5\)
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/viewAlert.x?alertId=39494
http://www.securityfocus.com/bid/75377
http://www.securitytracker.com/id/1032711
http://tools.cisco.com/security/center/viewAlert.x?alertId=39494
http://www.securityfocus.com/bid/75377
http://www.securitytracker.com/id/1032711