Remote Vulnerability in Cisco WebEx Meeting Server Allows Message Manipulation
CVE-2017-12363

5.3MEDIUM

Key Information:

Vendor
Cisco
Status
Cisco Webex Meeting Server
Vendor
CVE Published:
30 November 2017

Summary

A flaw in Cisco WebEx Meeting Server enables unauthenticated remote attackers to alter the welcome messages for meetings. This vulnerability arises from inadequate security configurations, which permit attackers to exploit the system and modify settings without authentication. Successful exploitation could result in unauthorized changes to meeting communications, potentially misleading participants. For further technical details, see Cisco's advisory and related security documentation.

Affected Version(s)

Cisco WebEx Meeting Server Cisco WebEx Meeting Server

References

http://www.securityfocus.com/bid/102000
vdb-entryx_refsource_BID
https://tools.cisco.com/security/center/content/CiscoSecu...
x_refsource_CONFIRM
http://www.securitytracker.com/id/1039921
vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.