5.3
CVE-2017-12363
- EPSS 1.59%
- Veröffentlicht 30.11.2017 09:29:01
- Zuletzt bearbeitet 13.05.2026 00:24:29
- Quelle psirt@cisco.com
- CVE-Watchlists
- Unerledigt
A vulnerability in Cisco WebEx Meeting Server could allow an unauthenticated, remote attacker to modify the welcome message of a meeting on an affected system. The vulnerability is due to insufficient security settings on meetings. An attacker could exploit this vulnerability by modifying the welcome message to a meeting. A successful exploit could allow the attacker to modify the welcome message of any known meeting. Cisco Bug IDs: CSCvf68695.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Cisco ≫ Webex Meetings Server Version2.6.0.8
Cisco ≫ Webex Meetings Server Version2.7
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.59% | 0.725 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.3 | 3.9 | 1.4 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:P/A:N
|
CWE-668 Exposure of Resource to Wrong Sphere
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.
http://www.securityfocus.com/bid/102000
http://www.securitytracker.com/id/1039921
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-webex3