Published: 17/09/2016 Updated: 30/07/2017

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.1 | Impact Score: 5.9 | Exploitability Score: 2.2

VMScore: 828

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Cisco WebEx Meetings Server 2.6 allows remote malicious users to execute arbitrary commands by injecting these commands into an application script, aka Bug ID CSCuy83130.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco webex meetings server 2.6.0

A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to bypass security restrictions on a host located in a DMZ and inject arbitrary commands on a targeted system The vulnerability is due to insufficient sanitization of user-supplied data processed by the affected software An attacker could exploit this ...

Cisco drops patch for nasty WebEx remote code execution hole

The Register • Darren Pauli • 16 Sep 2016

Patch, then patch this, this, this, this, this, this, this, and this

Cisco is warning admins to apply a patch for a critical WebEx vulnerability, one of nine fixed this week. The remote code execution flaw (CVE-2016-1482) could allow attackers to execute arbitrary commands on WebEx servers. Admins can only apply the patch and do not have an option to deploy work-around mitigations. "A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to bypass security restrictions on a host located in a DMZ and inject arbitrary commands...

CVE-2016-1482

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Recent Articles

References

Vulmon Search

About

Products

Connect