Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в Cisco Unified MeetingPlace
Опубликовано:28 января 2010 г.
Источник:
SecurityVulns ID:10566
Тип:удаленная
Уровень опасности:
6/10
Описание:SQL-инъекция, несанкционированный доступ, утечка информации, повышение привилегий.
Затронутые продукты:CISCO : Unified MeetingPlace 5
 CISCO : Unified MeetingPlace 6
 CISCO : Unified MeetingPlace 7
CVE:CVE-2010-0142 (MeetingTime in Cisco Unified MeetingPlace 6 before MR5, and possibly 5, allows remote authenticated users to gain privileges via a modified authentication sequence, aka Bug ID CSCsv66530.)
 CVE-2010-0141 (MeetingTime in Cisco Unified MeetingPlace 6 before MR5, and possibly 5, allows remote attackers to discover usernames, passwords, and unspecified other data from the user database via a modified authentication sequence to the Audio Server, aka Bug ID CSCsv76935.)
 CVE-2010-0140 (Multiple unspecified vulnerabilities in the web server in Cisco Unified MeetingPlace 7 before 7.0(2.3) hotfix 5F, 6 before 6.0.639.3, and possibly 5 allow remote attackers to create (1) user or (2) administrator accounts via a crafted URL in a request to the internal interface, aka Bug IDs CSCtc59231 and CSCtd40661.)
 CVE-2010-0139 (Cisco Unified MeetingPlace 7 before 7.0(2.3) hotfix 5F, 6 before 6.0.639.2, and possibly 5 does not properly validate SQL commands, which allows remote attackers to create, modify, or delete data in a database via unspecified vectors, aka Bug ID CSCtc39691.)
Оригинальный текстdocumentCISCO, Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified MeetingPlace (28.01.2010)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород