cisco-sa-20170315-webex

Cisco WebEx Meetings Server Authentication Bypass Vulnerability

cisco-sa-20170315-webex · Medium · Published 9 years ago · Updated 9 years ago

A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to access limited meeting information on the Cisco WebEx Meetings Server. The vulnerability is due to the presence of deprecated code within the Cisco WebEx Meetings Server. An attacker could exploit this vulnerability by spoofing a legitimate user. An exploit could allow the attacker to view limited meeting information for that user contained on the server. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-webex

Cisco advisory · CSAF JSON

Workarounds

There are no workarounds that address this vulnerability.

CVEs	CVE-2017-3880
Cisco Bug IDs	CSCvd50728
CVSS Score	Base 6.5 Base 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:X/RL:X/RC:X
Product Names From Source	Cisco WebEx Meetings Server

Related Products

Product	CVE	Evidence
Cisco Webex Meetings	CVE-2017-3880	Cisco OpenVuln
Cisco WebEx Meetings Server	CVE-2017-3880	Cisco OpenVuln

Vulnslist

find the latest Cisco vulnerabilities

Cisco WebEx Meetings Server Authentication Bypass Vulnerability

Workarounds

Related Products