Published: 19/09/2016 Updated: 30/07/2017

CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 694

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Cisco WebEx Meetings Server 2.6 allows remote malicious users to cause a denial of service (CPU consumption) by repeatedly accessing the account-validation component of an unspecified service, aka Bug ID CSCuy92704.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco webex meetings server 2.6.0

A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted system The vulnerability is due to improper validation of user accounts by specific services An unauthenticated, remote attacker could exploit this vulnerability by repeatedly attempting to acc ...

Cisco drops patch for nasty WebEx remote code execution hole

The Register • Darren Pauli • 16 Sep 2016

Patch, then patch this, this, this, this, this, this, this, and this

Cisco is warning admins to apply a patch for a critical WebEx vulnerability, one of nine fixed this week. The remote code execution flaw (CVE-2016-1482) could allow attackers to execute arbitrary commands on WebEx servers. Admins can only apply the patch and do not have an option to deploy work-around mitigations. "A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to bypass security restrictions on a host located in a DMZ and inject arbitrary commands...

CVE-2016-1483

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Recent Articles

References

Vulmon Search

About

Products

Connect