CVE-2011-4232: Infoleak
First published: Thu May 03 2012(Updated: )
The web server in Cisco Unified MeetingPlace 6.1 and 8.5 produces different responses for directory queries depending on whether the directory exists, which allows remote attackers to enumerate directory names via a series of queries, aka Bug ID CSCtt94070.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Unified MeetingPlace | =6.1 | |
| Cisco Unified MeetingPlace | =8.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2011-4232?
The severity of CVE-2011-4232 is classified as medium due to its potential for directory enumeration.
How do I fix CVE-2011-4232?
To fix CVE-2011-4232, it is recommended to upgrade to a patched version of Cisco Unified MeetingPlace that addresses this vulnerability.
What are the affected versions of Cisco Unified MeetingPlace for CVE-2011-4232?
CVE-2011-4232 affects Cisco Unified MeetingPlace versions 6.1 and 8.5.
What type of attack is possible with CVE-2011-4232?
CVE-2011-4232 allows remote attackers to perform directory name enumeration through different response outputs from the web server.
Is CVE-2011-4232 still a concern for current systems?
CVE-2011-4232 remains a concern for systems that continue to use affected versions of Cisco Unified MeetingPlace without updates.
- collector/nvd-historical
- collector/nvd-index
- agent/references
- agent/softwarecombine
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/weakness
- agent/last-modified-date
- agent/severity
- agent/tags
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- vendor/cisco
- canonical/cisco unified meetingplace
- version/cisco unified meetingplace/6.1
- version/cisco unified meetingplace/8.5