CVSS: 7.5EPSS: 0%CPEs: 32EXPL: 0CVE-2017-6651
https://notcve.org/view.php?id=CVE-2017-6651
16 May 2017 — A vulnerability in Cisco WebEx Meetings Server could allow unauthenticated, remote attackers to gain information that could allow them to access scheduled customer meetings. The vulnerability is due to an incomplete configuration of the robots.txt file on customer-hosted WebEx solutions and occurs when the Short URL functionality is not activated. All releases of Cisco WebEx Meetings Server later than release 2.5MR4 provide this functionality. An attacker could exploit this vulnerability via an exposed para... • http://www.securityfocus.com/bid/98387 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 31EXPL: 0CVE-2017-3880
https://notcve.org/view.php?id=CVE-2017-3880
17 Mar 2017 — An Authentication Bypass vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to access limited meeting information on the Cisco WebEx Meetings Server. More Information: CSCvd50728. Known Affected Releases: 2.6 2.7 2.8 CWMS-2.5MR1 Orion1.1.2.patch T29_orion_merge. Una vulnerabilidad de desvío de autenticación en Cisco WebEx Meetings Server podría permitir que un atacante remoto no autenticado acceda a la información limitada de reuniones en el servidor de Cisco WebEx ... • http://www.securityfocus.com/bid/96918 • CWE-287: Improper Authentication •
CVSS: 9.3EPSS: 79%CPEs: 54EXPL: 1CVE-2017-3823 – Cisco WebEx Chrome Extension Remote Command Execution
https://notcve.org/view.php?id=CVE-2017-3823
01 Feb 2017 — An issue was discovered in the Cisco WebEx Extension before 1.0.7 on Google Chrome, the ActiveTouch General Plugin Container before 106 on Mozilla Firefox, the GpcContainer Class ActiveX control plugin before 10031.6.2017.0126 on Internet Explorer, and the Download Manager ActiveX control plugin before 2.1.0.10 on Internet Explorer. A vulnerability in these Cisco WebEx browser extensions could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the affected browser on ... • https://packetstorm.news/files/id/140870 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •