CVE-2017-3796
https://notcve.org/view.php?id=CVE-2017-3796
A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to execute predetermined shell commands on other hosts. More Information: CSCuz03353. Known Affected Releases: 2.6. Una vulnerabilidad en Cisco WebEx Meetings Server podría permitir a un atacante remoto autenticado ejecutar comandos shell predeterminados en otros anfitriones. Más información: CSCuz03353. • http://www.securityfocus.com/bid/95641 http://www.securitytracker.com/id/1037651 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-wms2 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2017-3795
https://notcve.org/view.php?id=CVE-2017-3795
A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to conduct arbitrary password changes against any non-administrative user. More Information: CSCuz03345. Known Affected Releases: 2.6. Known Fixed Releases: 2.7.1.12. Una vulnerabilidad en Cisco WebEx Meetings Server podría permitir a un atacante remoto autenticado llevar a cabo cambios arbitrarios de contraseña contra cualquier usuario no administrativo. • http://www.securityfocus.com/bid/95643 http://www.securitytracker.com/id/1037650 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-wms1 • CWE-287: Improper Authentication •
CVE-2016-1483
https://notcve.org/view.php?id=CVE-2016-1483
Cisco WebEx Meetings Server 2.6 allows remote attackers to cause a denial of service (CPU consumption) by repeatedly accessing the account-validation component of an unspecified service, aka Bug ID CSCuy92704. Cisco WebEx Meetings Server 2.6 permite a atacantes remotos provocar una denegación de servicio (consumo de CPU) accediendo repetidamente al componente de validación de cuenta de un servicio no especificado, vulnerabilidad también conocida como Bug ID CSCuy92704. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160914-wms http://www.securityfocus.com/bid/92957 http://www.securitytracker.com/id/1036808 • CWE-20: Improper Input Validation •
CVE-2016-1482
https://notcve.org/view.php?id=CVE-2016-1482
Cisco WebEx Meetings Server 2.6 allows remote attackers to execute arbitrary commands by injecting these commands into an application script, aka Bug ID CSCuy83130. Cisco WebEx Meetings Server 2.6 permite a atacantes remotos ejecutar comandos arbitrarios mediante la inyección de estos comandos en una secuencia de comandos de una aplicación, vulnerabilidad también conocida como Bug ID CSCuy83130. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160914-wem http://www.securityfocus.com/bid/92959 http://www.securitytracker.com/id/1036809 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2016-1484
https://notcve.org/view.php?id=CVE-2016-1484
Cisco WebEx Meetings Server 2.6 allows remote attackers to bypass intended access restrictions and obtain sensitive application information via unspecified vectors, aka Bug ID CSCuy92724. Cisco WebEx Meetings Server 2.6 permite a atacantes remotos eludir las restricciones destinadas al acceso y obtener información de aplicación sensible a través de vectores no especificados, también conocido como Bug ID CSCuy92724. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-wms1 http://www.securityfocus.com/bid/92519 http://www.securitytracker.com/id/1036649 • CWE-20: Improper Input Validation CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •