CVE-2018-0119

Name of the Vulnerable Software and Affected Versions: Cisco Spark (affected versions not specified)

Description: A vulnerability in Cisco Spark's account services authentication controls could allow an authenticated, remote attacker to access and view prohibited information on an affected device. This issue arises from the improper display of user-account tokens. An attacker could exploit this by logging in with a token used by another account, potentially causing a partial impact to the device's confidentiality, integrity, and availability.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.