Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Meeting Center component in Cisco WebEx 11 generates different error messages for invalid file-access attempts depending on whether a file exists, which allows remote authenticated users to enumerate files via a series of SPI calls, aka Bug ID CSCuc35965.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cisco WebEx Meeting Center组件权限许可和访问控制漏洞
Vulnerability Description
Cisco WebEx是美国思科(Cisco)公司的一套Web会议工具,该工具可协助异地办公人员进行协调合作。WebEx服务包括Web会议、网真视频会议和企业即时消息(IM)等。 Cisco WebEx 11.0版本中的Meeting Center组件中存在安全漏洞,该漏洞是因为程序会针对用户访问的文件不存在或无权限访问而返回不同的错误信息,攻击者可根据这些错误信息通过一系列的SPI调用枚举文件。
CVSS Information
N/A
Vulnerability Type
N/A