PT-2015-6466 · Cisco · Cisco Jabber
Published
2015-06-24
·
Updated
2016-12-28
·
CVE-2015-4218
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Cisco Jabber versions 9.6(3) and earlier, 9.7 through 9.7(5)
Description
The issue allows remote attackers to obtain sensitive information via a crafted value in a GET request to the web-based user interface.
Recommendations
For versions 9.6(3) and earlier, and 9.7 through 9.7(5), update to a version later than 9.7(5) to resolve the issue.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cisco Jabber