CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-3794
https://notcve.org/view.php?id=CVE-2017-3794
A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against an administrative user. More Information: CSCuz03317. Known Affected Releases: 2.6. Known Fixed Releases: 2.7.1.12. Una vulnerabilidad en Cisco WebEx Meetings Server podría permitir a un atacante remoto no autenticado llevar a cabo un ataque de CSRF contra un usuario administrativo. • http://www.securityfocus.com/bid/95635 http://www.securitytracker.com/id/1037649 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-wms • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2017-3797
https://notcve.org/view.php?id=CVE-2017-3797
A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to view the fully qualified domain name of the Cisco WebEx administration server. More Information: CSCvb60655. Known Affected Releases: 2.7. Una vulnerabilidad en Cisco WebEx Meetings Server podría permitir a un atacante remoto no autenticado ver el nombre del dominio completo del servidor de administración de Cisco WebEx. Más información: CSCvb60655. • http://www.securityfocus.com/bid/95639 http://www.securitytracker.com/id/1037648 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-wms3 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2017-3796
https://notcve.org/view.php?id=CVE-2017-3796
A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to execute predetermined shell commands on other hosts. More Information: CSCuz03353. Known Affected Releases: 2.6. Una vulnerabilidad en Cisco WebEx Meetings Server podría permitir a un atacante remoto autenticado ejecutar comandos shell predeterminados en otros anfitriones. Más información: CSCuz03353. • http://www.securityfocus.com/bid/95641 http://www.securitytracker.com/id/1037651 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-wms2 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-3795
https://notcve.org/view.php?id=CVE-2017-3795
A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to conduct arbitrary password changes against any non-administrative user. More Information: CSCuz03345. Known Affected Releases: 2.6. Known Fixed Releases: 2.7.1.12. Una vulnerabilidad en Cisco WebEx Meetings Server podría permitir a un atacante remoto autenticado llevar a cabo cambios arbitrarios de contraseña contra cualquier usuario no administrativo. • http://www.securityfocus.com/bid/95643 http://www.securitytracker.com/id/1037650 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-wms1 • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1483
https://notcve.org/view.php?id=CVE-2016-1483
Cisco WebEx Meetings Server 2.6 allows remote attackers to cause a denial of service (CPU consumption) by repeatedly accessing the account-validation component of an unspecified service, aka Bug ID CSCuy92704. Cisco WebEx Meetings Server 2.6 permite a atacantes remotos provocar una denegación de servicio (consumo de CPU) accediendo repetidamente al componente de validación de cuenta de un servicio no especificado, vulnerabilidad también conocida como Bug ID CSCuy92704. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160914-wms http://www.securityfocus.com/bid/92957 http://www.securitytracker.com/id/1036808 • CWE-20: Improper Input Validation •