Vulnerabilities > Cisco > Spark > 2015.07.04.base
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-02-12 | CVE-2016-1322 | Permissions, Privileges, and Access Controls vulnerability in Cisco Spark 20150704Base The REST interface in Cisco Spark 2015-07-04 allows remote attackers to bypass intended access restrictions and create arbitrary user accounts via unspecified web requests, aka Bug ID CSCuv72584. | 5.0 |
2015-09-24 | CVE-2015-6303 | Information Exposure vulnerability in Cisco Spark 20150704Base The Cisco Spark application 2015-07-04 for mobile operating systems does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate, aka Bug IDs CSCut36742 and CSCut36844. | 4.3 |