Details of VAR-201507-0534

ID

VAR-201507-0534

CVE

CVE-2015-4246

TITLE

** Delete ** Cisco WebEx Meeting Center Vulnerable to cross-site scripting

Trust: 0.8

sources: JVNDB: JVNDB-2015-003882

DESCRIPTION

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue in customer-controlled software. Notes: none. Cisco WebEx Meeting Center Contains a cross-site scripting vulnerability. Vendors have confirmed this vulnerability Bug ID CSCuv01955 It is released as.By any third party through any unspecified value Web Script or HTML May be inserted. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. This issue is being tracked by Cisco Bug ID CSCuv01955. The product invites others to join the meeting via email or instant messaging (IM), enabling online product demonstrations, information sharing, and more. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML

Trust: 1.98

sources: NVD: CVE-2015-4246 // JVNDB: JVNDB-2015-003882 // BID: 75956 // VULHUB: VHN-82207

AFFECTED PRODUCTS

vendor:	cisco	model:	webex meeting center	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	webex training center	scope:	eq	version:	-	Trust: 0.6
vendor:	cisco	model:	webex meeting center	scope:	eq	version:	0	Trust: 0.3

sources: BID: 75956 // JVNDB: JVNDB-2015-003882 // CNNVD: CNNVD-201507-694

CVSS

SEVERITY

CVSSV2

CVSSV3

CNNVD:	CNNVD-201507-694
value:	MEDIUM
Trust: 0.6

sources: CNNVD: CNNVD-201507-694

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201507-694

TYPE

XSS

Trust: 0.6

sources: CNNVD: CNNVD-201507-694

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-003882

PATCH

title:

39755

url:

http://tools.cisco.com/security/center/viewAlert.x?alertId=39755

Trust: 0.8

sources: JVNDB: JVNDB-2015-003882

EXTERNAL IDS

db:	NVD	id:	CVE-2015-4246	Trust: 2.8
db:	JVNDB	id:	JVNDB-2015-003882	Trust: 0.8
db:	CNNVD	id:	CNNVD-201507-694	Trust: 0.7
db:	NSFOCUS	id:	30493	Trust: 0.6
db:	BID	id:	75956	Trust: 0.4
db:	VULHUB	id:	VHN-82207	Trust: 0.1

sources: VULHUB: VHN-82207 // BID: 75956 // JVNDB: JVNDB-2015-003882 // CNNVD: CNNVD-201507-694 // NVD: CVE-2015-4246

REFERENCES

url:	http://tools.cisco.com/security/center/viewalert.x?alertid=39755	Trust: 1.0
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-4246	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-4246	Trust: 0.8
url:	http://www.nsfocus.net/vulndb/30493	Trust: 0.6
url:	http://www.cisco.com/	Trust: 0.4
url:	http://www.cisco.com/en/us/products/ps12732/index.html	Trust: 0.4

sources: VULHUB: VHN-82207 // BID: 75956 // JVNDB: JVNDB-2015-003882 // CNNVD: CNNVD-201507-694

CREDITS

Cisco

Trust: 0.3

sources: BID: 75956

SOURCES

db:	VULHUB	id:	VHN-82207
db:	BID	id:	75956
db:	JVNDB	id:	JVNDB-2015-003882
db:	CNNVD	id:	CNNVD-201507-694
db:	NVD	id:	CVE-2015-4246

LAST UPDATE DATE

2024-08-14T14:33:56.584000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-82207	date:	2015-07-31T00:00:00
db:	BID	id:	75956	date:	2015-07-20T00:00:00
db:	JVNDB	id:	JVNDB-2015-003882	date:	2015-07-23T00:00:00
db:	CNNVD	id:	CNNVD-201507-694	date:	2015-07-22T00:00:00
db:	NVD	id:	CVE-2015-4246	date:	2023-11-07T02:25:48.347

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-82207	date:	2015-07-21T00:00:00
db:	BID	id:	75956	date:	2015-07-20T00:00:00
db:	JVNDB	id:	JVNDB-2015-003882	date:	2015-07-23T00:00:00
db:	CNNVD	id:	CNNVD-201507-694	date:	2015-07-22T00:00:00
db:	NVD	id:	CVE-2015-4246	date:	2015-07-21T14:59:01.970