Cisco WebEx Meetings Server 2.6 allows remote malicious users to execute arbitrary commands by injecting these commands into an application script, aka Bug ID CSCuy83130.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco webex meetings server 2.6.0 |
Patch, then patch this, this, this, this, this, this, this, and this
Cisco is warning admins to apply a patch for a critical WebEx vulnerability, one of nine fixed this week. The remote code execution flaw (CVE-2016-1482) could allow attackers to execute arbitrary commands on WebEx servers. Admins can only apply the patch and do not have an option to deploy work-around mitigations. "A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to bypass security restrictions on a host located in a DMZ and inject arbitrary commands...