Cisco: CISCO-SA-20130801-CVE-2013-3448
Aug 01, 2013 - 4:08 p.m.

Cisco WebEx Meetings Server Inactive User Authentication Bypass Vulnerability

2013-08-01 16:08:44
tools.cisco.com

CVSS2: 4 Medium

Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: SINGLE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE

Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N

EPSS: 0.001 Low
Percentile: 45.4%

A vulnerability in the web interface of Cisco WebEx Meetings Server could allow an authenticated, remote attacker to manage meetings, including scheduling of meetings, after the authenticated user has been deactivated.

The vulnerability is due to a failure to verify the active status of users accessing the application. An attacker could exploit this vulnerability by continuing to manage meetings, including meeting scheduling and attendance, after the attacker’s user account has been deactivated.
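The root cause described above, shown as an added example (not Cisco's code and not taken from the advisory): a minimal Python session model in which `schedule_weak` accepts any live session, while `schedule_checked` re-reads the account's active flag on every request. All class, method and field names are hypothetical.

```python
# Added illustration with hypothetical names; not the vendor's implementation.
import secrets
from dataclasses import dataclass, field


@dataclass
class User:
    name: str
    active: bool = True


@dataclass
class App:
    users: dict = field(default_factory=dict)     # user name -> User
    sessions: dict = field(default_factory=dict)  # session token -> user name

    def login(self, name: str) -> str:
        user = self.users.get(name)
        if user is None or not user.active:
            raise PermissionError("login refused")
        token = secrets.token_hex(16)
        self.sessions[token] = name
        return token

    def deactivate(self, name: str, revoke_sessions: bool) -> None:
        self.users[name].active = False
        if revoke_sessions:
            # Defence in depth: drop every session the account still holds.
            self.sessions = {t: n for t, n in self.sessions.items() if n != name}

    def schedule_weak(self, token: str, title: str) -> str:
        # Flawed pattern: a session created before deactivation still authorises.
        name = self.sessions.get(token)
        if name is None:
            raise PermissionError("no session")
        return f"{title} scheduled by {name}"

    def schedule_checked(self, token: str, title: str) -> str:
        # Corrected pattern: account status is verified on each request.
        name = self.sessions.get(token)
        user = self.users.get(name) if name else None
        if user is None or not user.active:
            self.sessions.pop(token, None)  # stale session is discarded
            raise PermissionError("account inactive or no session")
        return f"{title} scheduled by {name}"
```

Checking status per request covers the case where session revocation at deactivation time is missed; doing both closes the window from either side.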

Cisco has confirmed this vulnerability in a security notice and software updates are available.

To exploit this vulnerability, an attacker must authenticate to a targeted device and possibly have an invitation to attend a meeting hosted by the targeted user. These access requirements decrease the likelihood of a successful exploit.

Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.

Affected configurations

Vulners node: cisco webex_meetings_server (match: any) OR cisco webex_meetings_server (match: any)
