93 matches found
EUVD-2016-2582
Malware in sbrugna...
EUVD-2017-12912
Malware in sbrugna...
CVE-2021-1525 Cisco Webex Meetings and Webex Meetings Server File Redirect Vulnerability
A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to redirect users to a malicious file. This vulnerability is due to improper validation of URL paths in the application interface. An attacker could exploit this vulnerability b...
CVE-2021-1311
A vulnerability in the reclaim host role feature of Cisco Webex Meetings and Cisco Webex Meetings Server could allow an authenticated, remote attacker to take over the host role during a meeting. This vulnerability is due to a lack of protection against brute forcing of the host key. An attacker...
CVE-2021-1311 Cisco Webex Meetings and Cisco Webex Meetings Server Host Key Brute Forcing Vulnerability
A vulnerability in the reclaim host role feature of Cisco Webex Meetings and Cisco Webex Meetings Server could allow an authenticated, remote attacker to take over the host role during a meeting. This vulnerability is due to a lack of protection against brute forcing of the host key. An attacker...
Design/Logic Flaw
A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to join a Webex session without appearing on the participant list. This vulnerability is due to improper handling of authentication tokens by a vulnerable Webex site. An attacke...
CVE-2020-3361
CVE-2020-3361 affects Cisco Webex Meetings and Webex Meetings Server. Description: an unauthenticated, remote attacker can bypass proper handling of authentication tokens to gain the privileges of another Webex user. The issue arises from improper handling of authentication tokens by vulnerable W...
Xxe
A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to collect customer files via an out-of-band XML External Entity XXE injection. An attacker could exploit this vulnerability to gain information to conduct additional reconnaissance attacks. The...
Code injection
A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to access the remote support account even after it has been disabled via the web application. The vulnerability is due to a design flaw in Cisco WebEx Meetings Server, which would not disable access to...
CVE-2018-0109
CVE-2018-0109 affects Cisco WebEx Meetings Server (CWMS). The vulnerability is an information-disclosure flaw that could allow an authenticated attacker with root privileges to view sensitive data and shared secrets by accessing the root account. Consequences: potential exposure of application de...
CVE-2018-0110
CVE-2018-0110 affects Cisco WebEx Meetings Server. A design flaw prevents disabling access to configured remote support accounts after web-admin action, enabling an authenticated, remote attacker to connect to the remote support account, modify server configuration and gain access to customer dat...
Cisco WebEx Meetings Server Information Disclosure Vulnerability
A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to access sensitive data about the application. An attacker could exploit this vulnerability to obtain information to conduct additional reconnaissance attacks. The vulnerability is due to a design flaw i...
Cisco WebEx Meetings Server Information Disclosure Vulnerability
A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to collect customer files via an out-of-band XML External Entity XXE injection. An attacker could exploit this vulnerability to gain information to conduct additional reconnaissance attacks. The...
CVE-2017-12295
A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to access sensitive data about the application. An attacker could exploit this vulnerability to gain information to conduct additional reconnaissance attacks. The vulnerability is due to the HTTP header...
CVE-2017-12294
A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the affected system. The vulnerability is due to insufficient input validation of some parameters that are passed to the web server of the...
CVE-2017-12294
Cisco WebEx Meetings Server is affected by CVE-2017-12294, a cross-site scripting (XSS) vulnerability caused by insufficient input validation in certain web-server parameters. An authenticated, remote attacker could lure a user to a crafted link or intercept a request to inject malicious script, ...
CVE-2017-12295
Cisco WebEx Meetings Server is affected by an information-disclosure vulnerability (CVE-2017-12295) where the HTTP header replies can reveal internal network data to unauthenticated remote attackers. The root cause is exposure of sensitive information in HTTP responses, enabling reconnaissance. T...
CVE-2016-2970
IBM Sametime 8.5 and 9.0 meetings server may provide detailed information in an error message that may provide details about the application to possible attackers. IBM X-Force ID: 113851...
CVE-2016-2970
IBM Sametime 8.5 and 9.0 meetings server may provide detailed information in an error message that may provide details about the application to possible attackers. IBM X-Force ID: 113851...
Design/Logic Flaw
IBM Sametime 8.5 and 9.0 meetings server may provide detailed information in an error message that may provide details about the application to possible attackers. IBM X-Force ID: 113851...