URL Redirection Vulnerability in Cisco WebEx Meeting Center
CVE-2017-12297

5MEDIUM

Key Information:

Vendor
Cisco
Status
Cisco Webex Meeting Center
Vendor
CVE Published:
30 November 2017

Summary

A URL Redirection Vulnerability exists in Cisco WebEx Meeting Center due to inadequate access control for HTTP traffic. This vulnerability allows authenticated, remote attackers to send malicious URLs that could initiate connections to arbitrary hosts. This exploitation can lead to unauthorized access and potential security breaches as the affected system fails to properly manage the redirection of URLs, making it essential for users to remain vigilant and apply security patches.

Affected Version(s)

Cisco WebEx Meeting Center Cisco WebEx Meeting Center

References

https://tools.cisco.com/security/center/content/CiscoSecu...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/101985
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1039919
vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:
5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.