CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2017-3796
https://notcve.org/view.php?id=CVE-2017-3796
A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to execute predetermined shell commands on other hosts. More Information: CSCuz03353. Known Affected Releases: 2.6. Una vulnerabilidad en Cisco WebEx Meetings Server podría permitir a un atacante remoto autenticado ejecutar comandos shell predeterminados en otros anfitriones. Más información: CSCuz03353. • http://www.securityfocus.com/bid/95641 http://www.securitytracker.com/id/1037651 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-wms2 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-3799
https://notcve.org/view.php?id=CVE-2017-3799
A vulnerability in a URL parameter of Cisco WebEx Meeting Center could allow an unauthenticated, remote attacker to perform site redirection. More Information: CSCzu78401. Known Affected Releases: T28.1. Una vulnerabilidad en un parámetro URL de Cisco WebEx Meeting Center podría permitir a un atacante remoto no autenticado realizar redirección de sitio. Más información: CSCzu78401. • http://www.securityfocus.com/bid/95642 http://www.securitytracker.com/id/1037647 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-wms4 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-3795
https://notcve.org/view.php?id=CVE-2017-3795
A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to conduct arbitrary password changes against any non-administrative user. More Information: CSCuz03345. Known Affected Releases: 2.6. Known Fixed Releases: 2.7.1.12. Una vulnerabilidad en Cisco WebEx Meetings Server podría permitir a un atacante remoto autenticado llevar a cabo cambios arbitrarios de contraseña contra cualquier usuario no administrativo. • http://www.securityfocus.com/bid/95643 http://www.securitytracker.com/id/1037650 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-wms1 • CWE-287: Improper Authentication •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2017-3797
https://notcve.org/view.php?id=CVE-2017-3797
A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to view the fully qualified domain name of the Cisco WebEx administration server. More Information: CSCvb60655. Known Affected Releases: 2.7. Una vulnerabilidad en Cisco WebEx Meetings Server podría permitir a un atacante remoto no autenticado ver el nombre del dominio completo del servidor de administración de Cisco WebEx. Más información: CSCvb60655. • http://www.securityfocus.com/bid/95639 http://www.securitytracker.com/id/1037648 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-wms3 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1483
https://notcve.org/view.php?id=CVE-2016-1483
Cisco WebEx Meetings Server 2.6 allows remote attackers to cause a denial of service (CPU consumption) by repeatedly accessing the account-validation component of an unspecified service, aka Bug ID CSCuy92704. Cisco WebEx Meetings Server 2.6 permite a atacantes remotos provocar una denegación de servicio (consumo de CPU) accediendo repetidamente al componente de validación de cuenta de un servicio no especificado, vulnerabilidad también conocida como Bug ID CSCuy92704. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160914-wms http://www.securityfocus.com/bid/92957 http://www.securitytracker.com/id/1036808 • CWE-20: Improper Input Validation •