Vulnerabilities > Cisco > Unified Meetingplace WEB Conferencing > 7.0.1

DATE	CVE	VULNERABILITY TITLE	RISK
2015-07-24	CVE-2015-4262	Credentials Management vulnerability in Cisco Unified Meetingplace web Conferencing The password-change feature in Cisco Unified MeetingPlace Web Conferencing before 8.5(5) MR3 and 8.6 before 8.6(2) does not check the session ID or require entry of the current password, which allows remote attackers to reset arbitrary passwords via a crafted HTTP request, aka Bug ID CSCuu51839. network low complexity cisco CWE-255 critical	10.0
2009-02-26	CVE-2009-0614	Improper Authentication vulnerability in Cisco Unified Meetingplace web Conferencing 7.0(1) Unspecified vulnerability in the Web Server in Cisco Unified MeetingPlace Web Conferencing 6.0 before 6.0(517.0) (aka 6.0 MR4) and 7.0 before 7.0(2) (aka 7.0 MR1) allows remote attackers to bypass authentication and obtain administrative access via a crafted URL. network low complexity cisco CWE-287 critical	9.0

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.