Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Webex_meetings_server
(Cisco)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 133 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2017-02-01 | CVE-2017-3823 | An issue was discovered in the Cisco WebEx Extension before 1.0.7 on Google Chrome, the ActiveTouch General Plugin Container before 106 on Mozilla Firefox, the GpcContainer Class ActiveX control plugin before 10031.6.2017.0126 on Internet Explorer, and the Download Manager ActiveX control plugin before 2.1.0.10 on Internet Explorer. A vulnerability in these Cisco WebEx browser extensions could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the... | Activetouch_general_plugin_container, Download_manager, Gpccontainer_class, Webex, Webex_meeting_center, Webex_meetings_server | 8.8 | ||
| 2017-03-17 | CVE-2017-3811 | An XML External Entity vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to have read access to part of the information stored in the affected system. More Information: CSCvc39165. Known Affected Releases: 2.6. Known Fixed Releases: 2.7.1.2054. | Webex_meetings_server | 6.5 | ||
| 2017-01-26 | CVE-2017-3797 | A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to view the fully qualified domain name of the Cisco WebEx administration server. More Information: CSCvb60655. Known Affected Releases: 2.7. | Webex_meetings_server | 5.3 | ||
| 2017-01-26 | CVE-2017-3796 | A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to execute predetermined shell commands on other hosts. More Information: CSCuz03353. Known Affected Releases: 2.6. | Webex_meetings_server | 7.2 | ||
| 2017-01-26 | CVE-2017-3794 | A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against an administrative user. More Information: CSCuz03317. Known Affected Releases: 2.6. Known Fixed Releases: 2.7.1.12. | Webex_meetings_server | 8.8 | ||
| 2017-11-30 | CVE-2017-12359 | A Buffer Overflow vulnerability in Cisco WebEx Network Recording Player for Advanced Recording Format (.arf) files could allow an attacker to execute arbitrary code on a system. An attacker could exploit this vulnerability by providing a user with a malicious .arf file via email or URL and convincing the user to launch the file. Exploitation of this vulnerability could allow arbitrary code execution on the system of the targeted user. This vulnerability affects Cisco WebEx Business Suite... | Webex_meeting_center, Webex_meetings_server | 6.5 | ||
| 2016-08-23 | CVE-2016-1484 | Cisco WebEx Meetings Server 2.6 allows remote attackers to bypass intended access restrictions and obtain sensitive application information via unspecified vectors, aka Bug ID CSCuy92724. | Webex_meetings_server | 7.5 | ||
| 2016-09-18 | CVE-2016-1483 | Cisco WebEx Meetings Server 2.6 allows remote attackers to cause a denial of service (CPU consumption) by repeatedly accessing the account-validation component of an unspecified service, aka Bug ID CSCuy92704. | Webex_meetings_server | 7.5 | ||
| 2016-09-17 | CVE-2016-1482 | Cisco WebEx Meetings Server 2.6 allows remote attackers to execute arbitrary commands by injecting these commands into an application script, aka Bug ID CSCuy83130. | Webex_meetings_server | 8.1 | ||
| 2016-07-15 | CVE-2016-1450 | Cisco WebEx Meetings Server 2.6 allows remote authenticated users to conduct command-injection attacks via vectors related to an upload's file type, aka Bug ID CSCuy92715. | Webex_meetings_server | 7.5 |