Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2021-1311
HistoryJan 13, 2021 - 10:15 p.m.

CVE-2021-1311

2021-01-1322:15:21
CWE-307
[email protected]
web.nvd.nist.gov
5
vulnerability
cisco webex
meetings server
host role
remote attacker
brute forcing

CVSS2

5.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:P/A:P

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

EPSS

0.001

Percentile

40.9%

JSON

A vulnerability in the reclaim host role feature of Cisco Webex Meetings and Cisco Webex Meetings Server could allow an authenticated, remote attacker to take over the host role during a meeting. This vulnerability is due to a lack of protection against brute forcing of the host key. An attacker could exploit this vulnerability by sending crafted requests to a vulnerable Cisco Webex Meetings or Webex Meetings Server site. A successful exploit would require the attacker to have access to join a Webex meeting, including applicable meeting join links and passwords. A successful exploit could allow the attacker to acquire or take over the host role for a meeting.

Affected configurations

Nvd
Node
ciscowebex_meetingsRange<40.12.0
OR
ciscowebex_meetings_serverRange<3.0
OR
ciscowebex_meetings_serverMatch3.0-
OR
ciscowebex_meetings_serverMatch3.0maintenance_release1
OR
ciscowebex_meetings_serverMatch3.0maintenance_release2
OR
ciscowebex_meetings_serverMatch3.0maintenance_release3
OR
ciscowebex_meetings_serverMatch3.0maintenance_release4
OR
ciscowebex_meetings_serverMatch4.0-
OR
ciscowebex_meetings_serverMatch4.0maintenance_release1
OR
ciscowebex_meetings_serverMatch4.0maintenance_release2
OR
ciscowebex_meetings_serverMatch4.0maintenance_release3
VendorProductVersionCPE
ciscowebex_meetings*cpe:2.3:a:cisco:webex_meetings:*:*:*:*:*:*:*:*
ciscowebex_meetings_server*cpe:2.3:a:cisco:webex_meetings_server:*:*:*:*:*:*:*:*
ciscowebex_meetings_server3.0cpe:2.3:a:cisco:webex_meetings_server:3.0:-:*:*:*:*:*:*
ciscowebex_meetings_server3.0cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release1:*:*:*:*:*:*
ciscowebex_meetings_server3.0cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release2:*:*:*:*:*:*
ciscowebex_meetings_server3.0cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3:*:*:*:*:*:*
ciscowebex_meetings_server3.0cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release4:*:*:*:*:*:*
ciscowebex_meetings_server4.0cpe:2.3:a:cisco:webex_meetings_server:4.0:-:*:*:*:*:*:*
ciscowebex_meetings_server4.0cpe:2.3:a:cisco:webex_meetings_server:4.0:maintenance_release1:*:*:*:*:*:*
ciscowebex_meetings_server4.0cpe:2.3:a:cisco:webex_meetings_server:4.0:maintenance_release2:*:*:*:*:*:*
Rows per page:
1-10 of 111

Related

cvelist 1
cve 1
prion 1
cisco 1
cvelist
cvelist
CVE-2021-1311 Cisco Webex Meetings and Cisco Webex Meetings Server Host Key Brute Forcing Vulnerability
2021-01-13 21:46:00
cve
cve
CVE-2021-1311
2021-01-13 22:15:21
prion
prion
Design/Logic Flaw
2021-01-13 22:15:00
cisco
cisco
Cisco Webex Meetings and Cisco Webex Meetings Server Host Key Brute Forcing Vulnerability
2021-01-13 16:00:00

CVSS2

5.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:P/A:P

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

EPSS

0.001

Percentile

40.9%

JSON
Related for NVD:CVE-2021-1311
cvelist1cve1prion1cisco1