CVE-2015-0589: Input Validation
First published: Sat Feb 07 2015(Updated: )
The administrative web interface in Cisco WebEx Meetings Server 1.0 through 1.5 allows remote authenticated users to execute arbitrary OS commands with root privileges via unspecified fields, aka Bug ID CSCuj40460.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Webex Meetings Server | =1.0 | |
| Cisco Webex Meetings Server | =1.1 | |
| Cisco Webex Meetings Server | =1.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2015-0589?
CVE-2015-0589 is considered a critical vulnerability due to its potential to allow remote authenticated users to execute arbitrary OS commands with root privileges.
How do I fix CVE-2015-0589?
To fix CVE-2015-0589, upgrade your Cisco WebEx Meetings Server to a version beyond 1.5 that addresses this vulnerability.
Who is affected by CVE-2015-0589?
CVE-2015-0589 affects users of Cisco WebEx Meetings Server versions 1.0, 1.1, and 1.5.
What can attackers do with CVE-2015-0589?
Attackers exploiting CVE-2015-0589 can execute arbitrary operating system commands with root privileges, potentially compromising the system.
Is CVE-2015-0589 being actively exploited?
There have been reports indicating that CVE-2015-0589 is being exploited in the wild, necessitating prompt action from affected users.
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/softwarecombine
- agent/tags
- agent/description
- agent/event
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco webex meetings server
- version/cisco webex meetings server/1.0
- version/cisco webex meetings server/1.1
- version/cisco webex meetings server/1.5