Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveCiscoCVE-2017-12360
HistoryNov 30, 2017 - 9:29 a.m.

CVE-2017-12360

2017-11-3009:29:01
CWE-399
cisco
web.nvd.nist.gov
35
cisco
webex
network recording player
wrf
vulnerability
dos
exploit
cisco bug ids
nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

AI Score

4.7

Confidence

High

EPSS

0.001

Percentile

37.5%

JSON

A vulnerability in Cisco WebEx Network Recording Player for WebEx Recording Format (WRF) files could allow an attacker to cause a denial of service (DoS) condition. An attacker could exploit this vulnerability by providing a user with a malicious WRF file via email or URL and convincing the user to open the file. A successful exploit could cause an affected player to crash, resulting in a DoS condition. This vulnerability affects Cisco WebEx Business Suite meeting sites, Cisco WebEx Meetings sites, and Cisco WebEx WRF players. Cisco Bug IDs: CSCve30294, CSCve30301.

Affected configurations

Nvd
Node
ciscowebex_meeting_centerMatcht29
OR
ciscowebex_meeting_centerMatcht30
OR
ciscowebex_meeting_centerMatcht31
OR
ciscowebex_meeting_centerMatcht32
VendorProductVersionCPE
ciscowebex_meeting_centert29cpe:2.3:a:cisco:webex_meeting_center:t29:*:*:*:*:*:*:*
ciscowebex_meeting_centert30cpe:2.3:a:cisco:webex_meeting_center:t30:*:*:*:*:*:*:*
ciscowebex_meeting_centert31cpe:2.3:a:cisco:webex_meeting_center:t31:*:*:*:*:*:*:*
ciscowebex_meeting_centert32cpe:2.3:a:cisco:webex_meeting_center:t32:*:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "Cisco WebEx Network Recording Player",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Cisco WebEx Network Recording Player"
      }
    ]
  }
]

Related

cvelist 1
cisco 1
nvd 1
prion 1
cvelist
cvelist
CVE-2017-12360
2017-11-30 09:00:00
cisco
cisco
Cisco WebEx Network Recording Player Denial of Service Vulnerability
2017-11-29 16:00:00
nvd
nvd
CVE-2017-12360
2017-11-30 09:29:01
prion
prion
Race condition
2017-11-30 09:29:00

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

AI Score

4.7

Confidence

High

EPSS

0.001

Percentile

37.5%

JSON
Related for CVE-2017-12360
cvelist1cisco1nvd1prion1