Published: 09/01/2015 Updated: 08/09/2017

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

The play/modules component in Cisco WebEx Meetings Server allows remote malicious users to obtain administrator access via crafted API requests, aka Bug ID CSCuj40421.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco webex meetings server -

A vulnerability in the play/modules of Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to be granted authenticated administrator access The vulnerability is due to an exposed application programming interface (API) An attacker could exploit this vulnerability by sending crafted URL requests to a vulnerable device Ci ...

Change the plan for Sat night, hackers. No more biz meetup eavesdrop LOLs

The Register • Darren Pauli • 14 Jan 2015

Cisco squashes bugs in WebEx

Cisco has patched four holes in WebEx that allowed attackers to gain access to video conferences and gain other administrative functions. The popular platform contained a cross site request forgery in versions 1.5 and below. Cisco slapped a moderate severity rating on the bug (CVE-2014-8031). "A vulnerability in the web framework code of Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to perform a cross-site request forgery attack," Cisco wrote in an advisory. "The vu...

CVE-2014-8033

Vulnerability Summary

Vendor Advisories

Recent Articles

References

Vulmon Search

About

Products

Connect