CVE-2018-0111
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to access sensitive data about the application. An attacker could exploit this vulnerability to gain information to conduct additional reconnaissance attacks. The vulnerability is due to a design flaw in Cisco WebEx Meetings Server, which could include internal network information that should be restricted. An attacker could exploit the vulnerability by utilizing available resources to study the customer network. An exploit could allow the attacker to discover sensitive data about the application. Cisco Bug IDs: CSCvg46806.
Una vulnerabilidad en Cisco WebEx Meetings Server podría permitir que un atacante remoto no autenticado acceda a datos sensibles de la aplicación. Un atacante podría explotar esta vulnerabilidad para obtener información y realizar ataques de reconocimiento adicionales. La vulnerabilidad se debe a un fallo de diseño en Cisco WebEx Meetings Server, que podría incluir información interna de la red que debería estar restringida. Un atacante puede explotar esta vulnerabilidad empleando recursos disponibles para estudiar la red del cliente. Un exploit podría permitir que el atacante descubra datos sensibles sobre la aplicación. Cisco Bug IDs: CSCvg46806.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-11-27 CVE Reserved
- 2018-01-18 CVE Published
- 2023-07-21 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (3)
URL | Tag | Source |
---|---|---|
http://www.securityfocus.com/bid/102723 | Third Party Advisory | |
http://www.securitytracker.com/id/1040237 | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-wms3 | 2019-10-09 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Cisco Search vendor "Cisco" | Webex Meetings Server Search vendor "Cisco" for product "Webex Meetings Server" | * | - |
Affected
|