VRDA Feed : Provides information for vulnerability impact analysis

VRDA Feed by

Vulnerability Response Decision Assistance Feed : Information for vulnerability impact analysis

[ about VRDA Feed | JPCERT/CC ]

Vulnerability Analysis Result (Revision No : 1)

[ Download XML ]

VRDA-100201-001

Multiple Vulnerabilities in Cisco Unified MeetingPlace

http://www.cisco.com/warp/public/707/cisco-sa-20100127-mp.shtml

Multiple vulnerabilities exist in Cisco Unified MeetingPlace. This security advisory outlines the details of these vulnerabilities:Insufficient validation of SQL commands, Unauthorized account creation, User and password enumeration in Cisco MeetingTime, Privilege escalation in Cisco MeetingTime. Workarounds are not available for these vulnerabilities.

About This Analysis Information

Analysis Information Provider:

JPCERT/CC

First Published:

2010-02-01

Source Information Category:

Advisory, Alert

Last Updated:

2010-02-01

Affected Product Tags

cpe:/a:cisco:meetingplace (Cisco MeetingPlace)

Vulnerability Analysis Results

[Information Source Reliability]^[?]

Low^[?]

Medium^[?]

High^[?]

[Impact Level]^[?]

Low^[?]

Low-Medium^[?]

Medium-High^[?]

High^[?]

[Access Required]^[?]

Physical^[?]

Local^[?]

Non-routed^[?]

Routed^[?]

[Authentication]^[?]

Privileged^[?]

Standard^[?]

Limited^[?]

None or Unnecessary^[?]

[User Interaction Required]^[?]

Complex^[?]

Simple^[?]

None^[?]

[Technical Difficulty]^[?]

High^[?]

Medium-High^[?]

Low-Medium^[?]

Low^[?]

[Availability of Remediation]^[?]

Official Patch^[?]

Official Workaround^[?]

Unofficial Patch^[?]

None^[?]

[Incident Activity]^[?]

None^[?]

Exploit or PoC^[?]

Activity Observed^[?]

Alternatives

References

Common Vulnerabilities and Exposures (CVE) CVE-2010-0139

Common Vulnerabilities and Exposures (CVE) CVE-2010-0140

Common Vulnerabilities and Exposures (CVE) CVE-2010-0141

Common Vulnerabilities and Exposures (CVE) CVE-2010-0142