Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Meetings Server allows remote malicious users to hijack the authentication of arbitrary users, aka Bug ID CSCuj40456.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco webex meetings server - |
Cisco squashes bugs in WebEx
Cisco has patched four holes in WebEx that allowed attackers to gain access to video conferences and gain other administrative functions. The popular platform contained a cross site request forgery in versions 1.5 and below. Cisco slapped a moderate severity rating on the bug (CVE-2014-8031). "A vulnerability in the web framework code of Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to perform a cross-site request forgery attack," Cisco wrote in an advisory. "The vu...