CVE-2010-0142 - OpenCVE

MeetingTime in Cisco Unified MeetingPlace 6 before MR5, and possibly 5, allows remote authenticated users to gain privileges via a modified authentication sequence, aka Bug ID CSCsv66530.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:M/Au:S/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Cisco	Unified Meetingplace

Configuration 1 [-]

OR	cpe:2.3:a:cisco:unified_meetingplace:5.2:::::::*
	cpe:2.3:a:cisco:unified_meetingplace:5.3:::::::*
	cpe:2.3:a:cisco:unified_meetingplace:5.4:::::::*
	cpe:2.3:a:cisco:unified_meetingplace:6.0:::::::*

References

Link	Resource
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1490b.shtml	Patch Vendor Advisory
http://www.securityfocus.com/bid/37965

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: cisco

Published: 2022-10-03T16:21:12

Updated: 2022-10-03T16:21:12

Reserved: 2022-10-03T00:00:00

Link: CVE-2010-0142

JSON object: View

NVD Information

Status : Analyzed

Published: 2010-01-28T20:30:01.557

Modified: 2010-01-31T05:00:00.000

Link: CVE-2010-0142

JSON object: View

Redhat Information

No data.

CWE

CWE-264

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:unified_meetingplace:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "1BEEA514-EE52-4BB3-97BD-04246D6F6D7B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_meetingplace:5.3:*:*:*:*:*:*:*", "matchCriteriaId": "C8F37B63-53F3-4497-BF6D-22E1C1D5D2C3", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_meetingplace:5.4:*:*:*:*:*:*:*", "matchCriteriaId": "A19AF4C2-980E-4FDA-8EA3-372C313C037B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_meetingplace:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "52D721B4-C0B8-4B7C-8C18-6B6B699B48E0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "MeetingTime in Cisco Unified MeetingPlace 6 before MR5, and possibly 5, allows remote authenticated users to gain privileges via a modified authentication sequence, aka Bug ID CSCsv66530."}, {"lang": "es", "value": "MeetingTime en Cisco Unified MeetingPlace v6 anteriores a MR5, y posiblemente v5, permite a usuarios remotos autenticados ganar privilegios a trav\u00e9s de una secuencia modificada de autenticaci\u00f3n, tambi\u00e9n conocido como bug ID CSCsv66530."}], "evaluatorComment": "Per: http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1490b.shtml\r\n\r\n\r\nAffected Products\r\nVulnerable Products\r\n\r\nCisco Unified MeetingPlace versions 5, 6, and 7 are each affected by at least one of the vulnerabilities described in this document.\r\n\r\n", "id": "CVE-2010-0142", "lastModified": "2010-01-31T05:00:00.000", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 8.5, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2010-01-28T20:30:01.557", "references": [{"source": "ykramarz@cisco.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1490b.shtml"}, {"source": "ykramarz@cisco.com", "url": "http://www.securityfocus.com/bid/37965"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}