CVE-2010-0140
Last modified
CVE-2010-0140 is a vulnerability of currently unknown severity. Multiple unspecified vulnerabilities in the web server in Cisco Unified MeetingPlace 7 before 7.0(2.3) hotfix 5F, 6 before 6.0.639.3, and possibly 5 allow remote attackers to create (1) user or (2) administrator accounts via a crafted URL in a request to the internal interface, aka Bug IDs CSCtc59231 and CSCtd40661.. EPSS estimates a 2.63% chance of exploitation in the next 30 days.
Description
Multiple unspecified vulnerabilities in the web server in Cisco Unified MeetingPlace 7 before 7.0(2.3) hotfix 5F, 6 before 6.0.639.3, and possibly 5 allow remote attackers to create (1) user or (2) administrator accounts via a crafted URL in a request to the internal interface, aka Bug IDs CSCtc59231 and CSCtd40661.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Unified Meetingplace | 5.2 |
| Cisco | Unified Meetingplace | 5.3 |
| Cisco | Unified Meetingplace | 5.4 |
| Cisco | Unified Meetingplace | 6.0 |
| Cisco | Unified Meetingplace | 7.0 |
| Cisco | Unified Meetingplace | 7.0.1 |
| Cisco | Unified Meetingplace | 7.0.2 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2010-0140?
How severe is CVE-2010-0140?
How do I fix CVE-2010-0140?
Are you affected by CVE-2010-0140?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST