Lucene search

K

Cisco Webex Meeting Server Security Vulnerabilities

cve
cve

CVE-2021-1221

A vulnerability in the user interface of Cisco Webex Meetings and Cisco Webex Meetings Server Software could allow an authenticated, remote attacker to inject a hyperlink into a meeting invitation email. The vulnerability is due to insufficient input validation. An attacker could exploit this...

4.1CVSS

4.5AI Score

0.001EPSS

2021-02-04 05:15 PM
24
2
cve
cve

CVE-2021-1311

A vulnerability in the reclaim host role feature of Cisco Webex Meetings and Cisco Webex Meetings Server could allow an authenticated, remote attacker to take over the host role during a meeting. This vulnerability is due to a lack of protection against brute forcing of the host key. An attacker...

5.4CVSS

5.5AI Score

0.001EPSS

2021-01-13 10:15 PM
31
cve
cve

CVE-2020-3471

A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to maintain bidirectional audio despite being expelled from an active Webex session. The vulnerability is due to a synchronization issue between meeting and media services on a...

6.5CVSS

6.5AI Score

0.002EPSS

2020-11-18 07:15 PM
38
3
cve
cve

CVE-2020-3419

A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to join a Webex session without appearing on the participant list. This vulnerability is due to improper handling of authentication tokens by a vulnerable Webex site. An attacker....

9.1CVSS

9.2AI Score

0.004EPSS

2020-11-18 07:15 PM
36
cve
cve

CVE-2020-3441

A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to view sensitive information from the meeting room lobby. This vulnerability is due to insufficient protection of sensitive participant information. An attacker could exploit...

5.3CVSS

5.1AI Score

0.001EPSS

2020-11-18 07:15 PM
867
4
cve
cve

CVE-2019-15987

A vulnerability in web interface of the Cisco Webex Event Center, Cisco Webex Meeting Center, Cisco Webex Support Center, and Cisco Webex Training Center could allow an unauthenticated, remote attacker to guess account usernames. The vulnerability is due to missing CAPTCHA protection in certain...

5.3CVSS

5.3AI Score

0.001EPSS

2019-11-26 04:15 AM
60
cve
cve

CVE-2018-0380

Multiple vulnerabilities exist in the Cisco Webex Network Recording Player for Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit these vulnerabilities by providing a user with a malicious .arf or .wrf file via email or URL and convincing the user to.....

5.5CVSS

5.8AI Score

0.001EPSS

2018-07-18 11:29 PM
22
cve
cve

CVE-2018-0379

Multiple vulnerabilities exist in the Cisco Webex Network Recording Player for Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit these vulnerabilities by providing a user with a malicious .arf or .wrf file via email or URL and convincing the user to.....

7.8CVSS

7.8AI Score

0.002EPSS

2018-07-18 11:29 PM
21
cve
cve

CVE-2018-0287

A vulnerability in the Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) files could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system. The vulnerability is due to a design flaw in the affected software. An attacker could exploit this.....

8.8CVSS

8.8AI Score

0.023EPSS

2018-05-02 10:29 PM
24
cve
cve

CVE-2018-0264

A vulnerability in the Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) files could allow an unauthenticated, remote attacker to execute arbitrary code on the system of a targeted user. An attacker could exploit this vulnerability by sending the user a link or email...

9.6CVSS

9.3AI Score

0.007EPSS

2018-05-02 10:29 PM
325
cve
cve

CVE-2018-0112

A vulnerability in Cisco WebEx Business Suite clients, Cisco WebEx Meetings, and Cisco WebEx Meetings Server could allow an authenticated, remote attacker to execute arbitrary code on a targeted system. The vulnerability is due to insufficient input validation by the Cisco WebEx clients. An...

9CVSS

9.3AI Score

0.006EPSS

2018-04-19 08:29 PM
24
cve
cve

CVE-2018-0104

A vulnerability in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) files could allow a remote attacker to execute arbitrary code on the system of a targeted user. The attacker could exploit this vulnerability by sending the user a link or email attachment with a malicious.....

9.6CVSS

9.4AI Score

0.015EPSS

2018-01-04 06:29 AM
27
cve
cve

CVE-2018-0103

A Buffer Overflow vulnerability in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) files could allow a local attacker to execute arbitrary code on the system of a user. The attacker could exploit this vulnerability by sending the user a link or email attachment with a...

7.8CVSS

7.7AI Score

0.001EPSS

2018-01-04 06:29 AM
22
cve
cve

CVE-2017-12363

A vulnerability in Cisco WebEx Meeting Server could allow an unauthenticated, remote attacker to modify the welcome message of a meeting on an affected system. The vulnerability is due to insufficient security settings on meetings. An attacker could exploit this vulnerability by modifying the...

5.3CVSS

5.3AI Score

0.001EPSS

2017-11-30 09:29 AM
27
cve
cve

CVE-2017-12359

A Buffer Overflow vulnerability in Cisco WebEx Network Recording Player for Advanced Recording Format (.arf) files could allow an attacker to execute arbitrary code on a system. An attacker could exploit this vulnerability by providing a user with a malicious .arf file via email or URL and...

6.5CVSS

7AI Score

0.001EPSS

2017-11-30 09:29 AM
25
cve
cve

CVE-2017-12366

A vulnerability in Cisco WebEx Meeting Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of an affected system. The vulnerability is due to insufficient input validation of some parameters that are passed to the web server of the...

6.1CVSS

6AI Score

0.001EPSS

2017-11-30 09:29 AM
23
cve
cve

CVE-2017-12298

A vulnerability in Cisco WebEx Meeting Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of an affected system. The vulnerability is due to insufficient input validation of some parameters that are passed to the web server of the...

6.1CVSS

6AI Score

0.001EPSS

2017-10-19 08:29 AM
25
cve
cve

CVE-2017-6753

A vulnerability in Cisco WebEx browser extensions for Google Chrome and Mozilla Firefox could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the affected browser on an affected system. This vulnerability affects the browser extensions for Cisco WebEx...

8.8CVSS

8.6AI Score

0.034EPSS

2017-07-25 07:29 PM
29
cve
cve

CVE-2017-6669

Multiple buffer overflow vulnerabilities exist in the Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) files. An attacker could exploit these vulnerabilities by providing a user with a malicious ARF file via email or URL and convincing the user to launch the file....

7.8CVSS

8.1AI Score

0.003EPSS

2017-06-26 07:29 AM
61
cve
cve

CVE-2017-6651

A vulnerability in Cisco WebEx Meetings Server could allow unauthenticated, remote attackers to gain information that could allow them to access scheduled customer meetings. The vulnerability is due to an incomplete configuration of the robots.txt file on customer-hosted WebEx solutions and occurs....

7.5CVSS

7.7AI Score

0.002EPSS

2017-05-16 05:29 PM
19
cve
cve

CVE-2017-3880

An Authentication Bypass vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to access limited meeting information on the Cisco WebEx Meetings Server. More Information: CSCvd50728. Known Affected Releases: 2.6 2.7 2.8 CWMS-2.5MR1 Orion1.1.2.patch...

6.5CVSS

6.4AI Score

0.001EPSS

2017-03-17 10:59 PM
31
cve
cve

CVE-2017-3823

An issue was discovered in the Cisco WebEx Extension before 1.0.7 on Google Chrome, the ActiveTouch General Plugin Container before 106 on Mozilla Firefox, the GpcContainer Class ActiveX control plugin before 10031.6.2017.0126 on Internet Explorer, and the Download Manager ActiveX control plugin...

8.8CVSS

8.8AI Score

0.879EPSS

2017-02-01 11:59 AM
65
4