6.5

CVE-2017-3880

EPSS 0.38%
Veröffentlicht 17.03.2017 22:59:00
Zuletzt bearbeitet 20.04.2025 01:37:25
Quelle psirt@cisco.com
CVE-Watchlists
Login
Unerledigt
Login

An Authentication Bypass vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to access limited meeting information on the Cisco WebEx Meetings Server. More Information: CSCvd50728. Known Affected Releases: 2.6 2.7 2.8 CWMS-2.5MR1 Orion1.1.2.patch T29_orion_merge.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Cisco ≫ Webex Meetings Server Version2.5.1.5

Cisco ≫ Webex Meetings Server Version2.5.1.29

Cisco ≫ Webex Meetings Server Version2.5.99.2

Cisco ≫ Webex Meetings Server Version2.5_base

Cisco ≫ Webex Meetings Server Version2.5_mr1

Cisco ≫ Webex Meetings Server Version2.5_mr2

Cisco ≫ Webex Meetings Server Version2.5_mr2 Updatepatch_1

Cisco ≫ Webex Meetings Server Version2.5_mr3

Cisco ≫ Webex Meetings Server Version2.5_mr4

Cisco ≫ Webex Meetings Server Version2.5_mr5

Cisco ≫ Webex Meetings Server Version2.5_mr5 Updatepatch_1

Cisco ≫ Webex Meetings Server Version2.5_mr6

Cisco ≫ Webex Meetings Server Version2.5_mr6 Updatepatch_1

Cisco ≫ Webex Meetings Server Version2.5_mr6 Updatepatch_2

Cisco ≫ Webex Meetings Server Version2.5_mr6 Updatepatch_3

Cisco ≫ Webex Meetings Server Version2.5_mr6 Updatepatch_4

Cisco ≫ Webex Meetings Server Version2.6.0

Cisco ≫ Webex Meetings Server Version2.6.1.39

Cisco ≫ Webex Meetings Server Version2.6_mr1

Cisco ≫ Webex Meetings Server Version2.6_mr1 Updatepatch_1

Cisco ≫ Webex Meetings Server Version2.6_mr2

Cisco ≫ Webex Meetings Server Version2.6_mr2 Updatepatch_1

Cisco ≫ Webex Meetings Server Version2.6_mr3

Cisco ≫ Webex Meetings Server Version2.6_mr3 Updatepatch_1

Cisco ≫ Webex Meetings Server Version2.6_mr3 Updatepatch_2

Cisco ≫ Webex Meetings Server Version2.7.1

Cisco ≫ Webex Meetings Server Version2.7_base

Cisco ≫ Webex Meetings Server Version2.7_mr1

Cisco ≫ Webex Meetings Server Version2.7_mr1 Updatepatch_1

Cisco ≫ Webex Meetings Server Version2.7_mr2

Cisco ≫ Webex Meetings Server Version2.7_mr2 Updatepatch_1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.38%	0.564

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.5	3.9	2.5	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
nvd@nist.gov	6.4	10	4.9	AV:N/AC:L/Au:N/C:P/I:P/A:N

CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

http://www.securityfocus.com/bid/96918

Third Party Advisory

VDB Entry

http://www.securitytracker.com/id/1038040

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-webex

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2017-3880

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2017-3880

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2017-3880

EUVD