Improper Authorization in Cisco WebEx Meeting Center Allows Unauthorized Access to Host Calendars

Improper Authorization in Cisco WebEx Meeting Center Allows Unauthorized Access to Host Calendars

CVE-2015-4209 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:P

Cisco WebEx Meeting Center does not properly determine authorization for reading a host calendar, which allows remote attackers to obtain sensitive information by obtaining a list of all meetings and then sending a calendar request for each one, aka Bug ID CSCur23913.

Learn more about our Web App Pen Testing.