A vulnerability in web interface of the Cisco Webex Event Center, Cisco Webex Meeting Center, Cisco Webex Support Center, and Cisco Webex Training Center could allow an unauthenticated, remote attacker to guess account usernames. The vulnerability is due to missing CAPTCHA protection in certain URLs. An attacker could exploit this vulnerability by sending a crafted request to the web interface. A successful exploit could allow the attacker to know if a given username is valid and find the real name of the user.
History

Tue, 19 Nov 2024 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2019-11-26T03:42:14.157661Z

Updated: 2024-11-19T18:51:20.685Z

Reserved: 2019-09-06T00:00:00

Link: CVE-2019-15987

cve-icon Vulnrichment

Updated: 2024-08-05T01:03:32.668Z

cve-icon NVD

Status : Modified

Published: 2019-11-26T04:15:11.903

Modified: 2024-11-21T04:29:52.630

Link: CVE-2019-15987

cve-icon Redhat

No data.