Remote Code Execution Vulnerability in Cisco WebEx Meeting Center
CVE-2017-3799

5.4MEDIUM

Key Information:

Vendor
Cisco
Status
Cisco Webex Meeting Center T28.1
Vendor
CVE Published:
26 January 2017

Summary

A vulnerability exists in Cisco WebEx Meeting Center due to improper handling of URL parameters. This flaw allows unauthorized remote attackers to redirect users to unintended sites, potentially leading to phishing or other malicious outcomes. Organizations using the affected version should apply relevant security measures to mitigate this risk.

Affected Version(s)

Cisco WebEx Meeting Center T28.1 Cisco WebEx Meeting Center T28.1

References

http://www.securitytracker.com/id/1037647
vdb-entryx_refsource_SECTRACK
https://tools.cisco.com/security/center/content/CiscoSecu...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/95642
vdb-entryx_refsource_BID

CVSS V3.1

Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.