An Authentication Bypass vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to access limited meeting information on the Cisco WebEx Meetings Server. More Information: CSCvd50728. Known Affected Releases: 2.6 2.7 2.8 CWMS-2.5MR1 Orion1.1.2.patch T29_orion_merge.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:P/A:N
Vendors Products
Cisco
  • Webex Meetings Server

Configuration 1 [-]

OR cpe:2.3:a:cisco:webex_meetings_server:2.5.1.5:*:*:*:*:*:*:*
cpe:2.3:a:cisco:webex_meetings_server:2.5.1.29:*:*:*:*:*:*:*
cpe:2.3:a:cisco:webex_meetings_server:2.5.99.2:*:*:*:*:*:*:*
cpe:2.3:a:cisco:webex_meetings_server:2.5_base:*:*:*:*:*:*:*
cpe:2.3:a:cisco:webex_meetings_server:2.5_mr1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:webex_meetings_server:2.5_mr2:*:*:*:*:*:*:*
cpe:2.3:a:cisco:webex_meetings_server:2.5_mr2:patch_1:*:*:*:*:*:*
cpe:2.3:a:cisco:webex_meetings_server:2.5_mr3:*:*:*:*:*:*:*
cpe:2.3:a:cisco:webex_meetings_server:2.5_mr4:*:*:*:*:*:*:*
cpe:2.3:a:cisco:webex_meetings_server:2.5_mr5:*:*:*:*:*:*:*
cpe:2.3:a:cisco:webex_meetings_server:2.5_mr5:patch_1:*:*:*:*:*:*
cpe:2.3:a:cisco:webex_meetings_server:2.5_mr6:*:*:*:*:*:*:*
cpe:2.3:a:cisco:webex_meetings_server:2.5_mr6:patch_1:*:*:*:*:*:*
cpe:2.3:a:cisco:webex_meetings_server:2.5_mr6:patch_2:*:*:*:*:*:*
cpe:2.3:a:cisco:webex_meetings_server:2.5_mr6:patch_3:*:*:*:*:*:*
cpe:2.3:a:cisco:webex_meetings_server:2.5_mr6:patch_4:*:*:*:*:*:*
cpe:2.3:a:cisco:webex_meetings_server:2.6.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:webex_meetings_server:2.6.1.39:*:*:*:*:*:*:*
cpe:2.3:a:cisco:webex_meetings_server:2.6_mr1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:webex_meetings_server:2.6_mr1:patch_1:*:*:*:*:*:*
cpe:2.3:a:cisco:webex_meetings_server:2.6_mr2:*:*:*:*:*:*:*
cpe:2.3:a:cisco:webex_meetings_server:2.6_mr2:patch_1:*:*:*:*:*:*
cpe:2.3:a:cisco:webex_meetings_server:2.6_mr3:*:*:*:*:*:*:*
cpe:2.3:a:cisco:webex_meetings_server:2.6_mr3:patch_1:*:*:*:*:*:*
cpe:2.3:a:cisco:webex_meetings_server:2.6_mr3:patch_2:*:*:*:*:*:*
cpe:2.3:a:cisco:webex_meetings_server:2.7.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:webex_meetings_server:2.7_base:*:*:*:*:*:*:*
cpe:2.3:a:cisco:webex_meetings_server:2.7_mr1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:webex_meetings_server:2.7_mr1:patch_1:*:*:*:*:*:*
cpe:2.3:a:cisco:webex_meetings_server:2.7_mr2:*:*:*:*:*:*:*
cpe:2.3:a:cisco:webex_meetings_server:2.7_mr2:patch_1:*:*:*:*:*:*
References
Link Resource
http://www.securityfocus.com/bid/96918 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1038040
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-webex Vendor Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: cisco

Published: 2017-03-17T22:00:00

Updated: 2017-07-11T09:57:01

Reserved: 2016-12-21T00:00:00

Link: CVE-2017-3880

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2017-03-17T22:59:00.610

Modified: 2017-07-12T01:29:17.097

Link: CVE-2017-3880

JSON object: View

cve-icon Redhat Information

No data.

CWE