Cisco: >> Spark >> 2015-07-04_base Security Vulnerabilities
The REST interface in Cisco Spark 2015-07-04 allows remote attackers to bypass intended access restrictions and create arbitrary user accounts via unspecified web requests, aka Bug ID CSCuv72584.
CVSS Score
7.5
EPSS Score
0.004
Published
2016-02-12
The Cisco Spark application 2015-07-04 for mobile operating systems does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate, aka Bug IDs CSCut36742 and CSCut36844.
CVSS Score
4.3
EPSS Score
0.001
Published
2015-09-24