var-201506-0306
Vulnerability from variot
The web-based user interface in Cisco Jabber through 9.6(3) and 9.7 through 9.7(5) on Windows allows remote attackers to obtain sensitive information via a crafted value in a GET request, aka Bug IDs CSCuu65622 and CSCuu70858. Vendors have confirmed this vulnerability Bug ID CSCuu65622 and CSCuu70858 It is released as.Skillfully crafted by a third party GET Important information may be obtained via the request value. Cisco Jabber is a cross-device collaboration system from Cisco. The system provides voice, video, desktop sharing and conferencing. This issue is being tracked by Cisco Bug ID's CSCuu65622 and CSCuu70858
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201506-0306",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "jabber",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "9.7\\(2\\)"
},
{
"model": "jabber",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "9.7\\(5\\)"
},
{
"model": "jabber",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "9.6\\(1\\)"
},
{
"model": "jabber",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "9.7\\(3\\)"
},
{
"model": "jabber",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "9.6\\(2\\)"
},
{
"model": "jabber",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "9.7\\(0\\)"
},
{
"model": "jabber",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "9.7\\(1\\)"
},
{
"model": "jabber",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "9.6\\(0\\)"
},
{
"model": "jabber",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "9.7\\(4\\)"
},
{
"model": "jabber",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "9.6\\(3\\)"
},
{
"model": "jabber",
"scope": "lte",
"trust": 0.8,
"vendor": "cisco",
"version": "9.6(3)"
},
{
"model": "jabber",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "9.7(5) for up to 9.7"
},
{
"model": "jabber",
"scope": "lte",
"trust": 0.6,
"vendor": "cisco",
"version": "\u003c=9.6(3)"
},
{
"model": "jabber",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "9.7-9.7(5)"
},
{
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.7(5)"
},
{
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.7(4)"
},
{
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.7(3)"
},
{
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.7(2)"
},
{
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.7(1)"
},
{
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.7(0)"
},
{
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.6(3)"
},
{
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.6(2)"
},
{
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.6(1)"
},
{
"model": "jabber for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.6(0)"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03994"
},
{
"db": "BID",
"id": "75377"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003272"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-490"
},
{
"db": "NVD",
"id": "CVE-2015-4218"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:cisco:jabber",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-003272"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "75377"
}
],
"trust": 0.3
},
"cve": "CVE-2015-4218",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2015-4218",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2015-03994",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-82179",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-4218",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2015-4218",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2015-03994",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201506-490",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-82179",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03994"
},
{
"db": "VULHUB",
"id": "VHN-82179"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003272"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-490"
},
{
"db": "NVD",
"id": "CVE-2015-4218"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The web-based user interface in Cisco Jabber through 9.6(3) and 9.7 through 9.7(5) on Windows allows remote attackers to obtain sensitive information via a crafted value in a GET request, aka Bug IDs CSCuu65622 and CSCuu70858. Vendors have confirmed this vulnerability Bug ID CSCuu65622 and CSCuu70858 It is released as.Skillfully crafted by a third party GET Important information may be obtained via the request value. Cisco Jabber is a cross-device collaboration system from Cisco. The system provides voice, video, desktop sharing and conferencing. \nThis issue is being tracked by Cisco Bug ID\u0027s CSCuu65622 and CSCuu70858",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-4218"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003272"
},
{
"db": "CNVD",
"id": "CNVD-2015-03994"
},
{
"db": "BID",
"id": "75377"
},
{
"db": "VULHUB",
"id": "VHN-82179"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-4218",
"trust": 3.4
},
{
"db": "BID",
"id": "75377",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1032711",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003272",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201506-490",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2015-03994",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-82179",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03994"
},
{
"db": "VULHUB",
"id": "VHN-82179"
},
{
"db": "BID",
"id": "75377"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003272"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-490"
},
{
"db": "NVD",
"id": "CVE-2015-4218"
}
]
},
"id": "VAR-201506-0306",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03994"
},
{
"db": "VULHUB",
"id": "VHN-82179"
}
],
"trust": 0.06999999999999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03994"
}
]
},
"last_update_date": "2024-11-23T22:56:25.153000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "39494",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39494"
},
{
"title": "Patch for Cisco Jabber Information Disclosure Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/60035"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03994"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003272"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-82179"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003272"
},
{
"db": "NVD",
"id": "CVE-2015-4218"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=39494"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/75377"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032711"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-4218"
},
{
"trust": 0.8,
"url": "https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-4218"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03994"
},
{
"db": "VULHUB",
"id": "VHN-82179"
},
{
"db": "BID",
"id": "75377"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003272"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-490"
},
{
"db": "NVD",
"id": "CVE-2015-4218"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2015-03994"
},
{
"db": "VULHUB",
"id": "VHN-82179"
},
{
"db": "BID",
"id": "75377"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-003272"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-490"
},
{
"db": "NVD",
"id": "CVE-2015-4218"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-06-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-03994"
},
{
"date": "2015-06-24T00:00:00",
"db": "VULHUB",
"id": "VHN-82179"
},
{
"date": "2015-06-23T00:00:00",
"db": "BID",
"id": "75377"
},
{
"date": "2015-06-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003272"
},
{
"date": "2015-06-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201506-490"
},
{
"date": "2015-06-24T10:59:11.790000",
"db": "NVD",
"id": "CVE-2015-4218"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-06-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2015-03994"
},
{
"date": "2016-12-28T00:00:00",
"db": "VULHUB",
"id": "VHN-82179"
},
{
"date": "2015-06-23T00:00:00",
"db": "BID",
"id": "75377"
},
{
"date": "2015-06-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-003272"
},
{
"date": "2015-06-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201506-490"
},
{
"date": "2024-11-21T02:30:39.370000",
"db": "NVD",
"id": "CVE-2015-4218"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201506-490"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Jabber Information Disclosure Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2015-03994"
},
{
"db": "CNNVD",
"id": "CNNVD-201506-490"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201506-490"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…