CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
EPSS
Percentile
66.1%
A vulnerability in Cisco WebEx Meetings Server (Cisco WMS) could allow an unauthenticated, remote attacker to download arbitrary files to an affected device.
The vulnerability is due to insufficient user-input validation. An attacker could exploit this vulnerability by submitting crafted URL requests to a vulnerable device.
Cisco has confirmed the vulnerability in a security notice and released software updates.
Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | webex_meetings_server | any | cpe:2.3:a:cisco:webex_meetings_server:any:*:*:*:*:*:*:* |