How severe is CVE-2019-15987?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.3 out of 10.

What type of vulnerability is CVE-2019-15987?

This is classified as CWE-287, which is a common weakness in software security.

CVE-2019-15987 - MEDIUM Severity | CVSS 5.3

Vulnerability Description

A vulnerability in web interface of the Cisco Webex Event Center, Cisco Webex Meeting Center, Cisco Webex Support Center, and Cisco Webex Training Center could allow an unauthenticated, remote attacker to guess account usernames. The vulnerability is due to missing CAPTCHA protection in certain URLs. An attacker could exploit this vulnerability by sending a crafted request to the web interface. A successful exploit could allow the attacker to know if a given username is valid and find the real name of the user.

Related Vulnerabilities

CVE-2013-1596

MEDIUM

CVSS:5.3(Medium)

An Authentication Bypass Vulnerability exists in Vivotek PT7135 IP Camera 0300a and 0400a via specially crafted RTSP packets to TCP port 554.

CWE-2872013

CVE-2013-1600

MEDIUM

CVSS:5.3(Medium)

An Authentication Bypass vulnerability exists in upnp/asf-mp4.asf when streaming live video in D-Link TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-2121 1.06_FR, 1.06, and 1.05_RU, DCS-210...

CWE-2872013

CVE-2016-2102

MEDIUM

CVSS:5.3(Medium)

HAProxy statistics in openstack-tripleo-image-elements are non-authenticated over the network.

CWE-2872016

CVE-2016-5133

MEDIUM

CVSS:5.3(Medium)

Google Chrome before 52.0.2743.82 mishandles origin information during proxy authentication, which allows man-in-the-middle attackers to spoof a proxy-authentication login prompt or trigger incorrect ...

CWE-2872016

CVE-2016-9646

MEDIUM

CVSS:5.3(Medium)

ikiwiki before 3.20161229 incorrectly called the CGI::FormBuilder->field method (similar to the CGI->param API that led to Bugzilla's CVE-2014-1572), which can be abused to lead to commit metadata for...

CWE-2872016

CVE-2017-15272

MEDIUM

CVSS:5.3(Medium)

The PSFTPd 10.0.4 Build 729 server stores its configuration inside PSFTPd.dat. This file is a Microsoft Access Database and can be extracted. The application sets the encrypt flag with the password "I...

CWE-2872017