Lucene search

K
CiscoWebex Meeting Center

31 matches found

CVE
CVE
added 2017/02/01 11:59 a.m.139 views

CVE-2017-3823

An issue was discovered in the Cisco WebEx Extension before 1.0.7 on Google Chrome, the ActiveTouch General Plugin Container before 106 on Mozilla Firefox, the GpcContainer Class ActiveX control plugin before 10031.6.2017.0126 on Internet Explorer, and the Download Manager ActiveX control plugin be...

9.3CVSS8.8AI score0.79238EPSS
CVE
CVE
added 2016/04/21 10:59 a.m.106 views

CVE-2015-6360

The encryption-processing feature in Cisco libSRTP before 1.5.3 allows remote attackers to cause a denial of service via crafted fields in SRTP packets, aka Bug ID CSCux00686.

7.8CVSS7.1AI score0.1794EPSS
CVE
CVE
added 2019/11/26 4:15 a.m.86 views

CVE-2019-15987

A vulnerability in web interface of the Cisco Webex Event Center, Cisco Webex Meeting Center, Cisco Webex Support Center, and Cisco Webex Training Center could allow an unauthenticated, remote attacker to guess account usernames. The vulnerability is due to missing CAPTCHA protection in certain URL...

5.3CVSS5.2AI score0.00904EPSS
CVE
CVE
added 2017/07/25 7:29 p.m.84 views

CVE-2017-6753

A vulnerability in Cisco WebEx browser extensions for Google Chrome and Mozilla Firefox could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the affected browser on an affected system. This vulnerability affects the browser extensions for Cisco WebEx Meet...

9.3CVSS8.6AI score0.16696EPSS
CVE
CVE
added 2017/10/19 8:29 a.m.60 views

CVE-2017-12298

A vulnerability in Cisco WebEx Meeting Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of an affected system. The vulnerability is due to insufficient input validation of some parameters that are passed to the web server of the af...

6.1CVSS6AI score0.00232EPSS
CVE
CVE
added 2017/11/30 9:29 a.m.58 views

CVE-2017-12366

A vulnerability in Cisco WebEx Meeting Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of an affected system. The vulnerability is due to insufficient input validation of some parameters that are passed to the web server of the af...

6.1CVSS6AI score0.00232EPSS
CVE
CVE
added 2017/11/30 9:29 a.m.54 views

CVE-2017-12359

A Buffer Overflow vulnerability in Cisco WebEx Network Recording Player for Advanced Recording Format (.arf) files could allow an attacker to execute arbitrary code on a system. An attacker could exploit this vulnerability by providing a user with a malicious .arf file via email or URL and convinci...

6.5CVSS7AI score0.01027EPSS
CVE
CVE
added 2017/10/19 8:29 a.m.52 views

CVE-2017-12286

A vulnerability in the web interface of Cisco Jabber could allow an authenticated, local attacker to retrieve user profile information from the affected software, which could lead to the disclosure of confidential information. The vulnerability is due to a lack of input and validation checks in the...

5.5CVSS5.3AI score0.00078EPSS
CVE
CVE
added 2015/06/19 1:59 a.m.49 views

CVE-2015-4194

The web-based administrative interface in Cisco WebEx Meeting Center provides different error messages for failed login attempts depending on whether the username exists or corresponds to a privileged account, which allows remote attackers to enumerate account names and obtain sensitive information...

5CVSS6.4AI score0.00428EPSS
CVE
CVE
added 2017/11/30 9:29 a.m.47 views

CVE-2017-12360

A vulnerability in Cisco WebEx Network Recording Player for WebEx Recording Format (WRF) files could allow an attacker to cause a denial of service (DoS) condition. An attacker could exploit this vulnerability by providing a user with a malicious WRF file via email or URL and convincing the user to...

4.3CVSS4.7AI score0.00296EPSS
CVE
CVE
added 2017/11/30 9:29 a.m.47 views

CVE-2017-12365

A vulnerability in Cisco WebEx Event Center could allow an authenticated, remote attacker to view unlisted meeting information. The vulnerability is due to a design flaw in the product. An attacker could execute a query on an Event Center site to view scheduled meetings. A successful query would sh...

4.3CVSS4.6AI score0.00253EPSS
CVE
CVE
added 2017/01/26 7:59 a.m.45 views

CVE-2017-3799

A vulnerability in a URL parameter of Cisco WebEx Meeting Center could allow an unauthenticated, remote attacker to perform site redirection. More Information: CSCzu78401. Known Affected Releases: T28.1.

5.8CVSS5.4AI score0.00211EPSS
CVE
CVE
added 2017/11/30 9:29 a.m.43 views

CVE-2017-12297

A vulnerability in Cisco WebEx Meeting Center could allow an authenticated, remote attacker to initiate connections to arbitrary hosts, aka a "URL Redirection Vulnerability." The vulnerability is due to insufficient access control for HTTP traffic directed to the Cisco WebEx Meeting Center. An atta...

5CVSS5.2AI score0.00237EPSS
CVE
CVE
added 2011/02/02 11:0 p.m.42 views

CVE-2010-3270

Stack-based buffer overflow in Cisco WebEx Meeting Center T27LB before SP21 EP3 and T27LC before SP22 allows user-assisted remote authenticated users to execute arbitrary code by providing a crafted .atp file and then disconnecting from a meeting. NOTE: since this is a site-specific issue with no e...

6.8CVSS7.9AI score0.07899EPSS
CVE
CVE
added 2014/05/20 11:13 a.m.42 views

CVE-2014-2199

meetinginfo.do in Cisco WebEx Event Center, WebEx Meeting Center, WebEx Sales Center, WebEx Training Center, WebEx Meetings Server 1.5(.1.131) and earlier, and WebEx Business Suite (WBS) 27 before 27.32.31.16, 28 before 28.12.13.18, and 29 before 29.5.1.12 allows remote attackers to obtain sensitiv...

5CVSS6.4AI score0.00378EPSS
CVE
CVE
added 2013/12/14 10:55 p.m.41 views

CVE-2013-6964

Cisco WebEx Meeting Center allows remote authenticated users to bypass access control and inject content from a different WebEx site via unspecified vectors, aka Bug ID CSCul36197.

3.5CVSS6.4AI score0.00376EPSS
CVE
CVE
added 2013/12/14 10:55 p.m.39 views

CVE-2013-6960

Multiple cross-site scripting (XSS) vulnerabilities in Cisco WebEx Meeting Center allow remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCul36248.

4.3CVSS5.8AI score0.00499EPSS
CVE
CVE
added 2014/07/10 11:6 a.m.38 views

CVE-2014-3310

The File Transfer feature in WebEx Meetings Client in Cisco WebEx Meetings Server and WebEx Meeting Center does not verify that a requested file was an offered file, which allows remote attackers to read arbitrary files via a modified request, aka Bug IDs CSCup62442 and CSCup58463.

4.3CVSS6.8AI score0.00294EPSS
CVE
CVE
added 2015/01/14 7:59 p.m.38 views

CVE-2015-0583

Cisco WebEx Meeting Center does not properly restrict the content of URLs, which allows remote attackers to obtain sensitive information via vectors related to file: URIs, aka Bug ID CSCus18281.

5CVSS6.2AI score0.0026EPSS
CVE
CVE
added 2015/06/24 10:59 a.m.38 views

CVE-2015-4208

Cisco WebEx Meeting Center does not properly restrict the content of URLs in GET requests, which allows remote attackers to obtain sensitive information or conduct SQL injection attacks via vectors involving read access to a request, aka Bug ID CSCup88398.

7.5CVSS7AI score0.00601EPSS
CVE
CVE
added 2014/03/21 1:4 a.m.37 views

CVE-2014-0708

WebEx Meeting Center in Cisco WebEx Business Suite does not properly compose URLs for HTTP GET requests, which allows remote attackers to obtain sensitive information by reading (1) web-server access logs, (2) web-server Referer logs, or (3) a browser's history, aka Bug ID CSCul98272.

5CVSS6.4AI score0.0023EPSS
CVE
CVE
added 2015/01/17 11:59 a.m.37 views

CVE-2015-0590

Cisco WebEx Meeting Center allows remote attackers to activate disabled meeting attributes, and consequently obtain sensitive information, by providing crafted parameters during a meeting-join action, aka Bug ID CSCuo34165.

5CVSS6.7AI score0.0026EPSS
CVE
CVE
added 2015/06/23 2:59 p.m.37 views

CVE-2015-4207

Cisco WebEx Meeting Center places a meeting's access number in a URL, which allows remote attackers to obtain sensitive information and bypass intended attendance restrictions by visiting a meeting-registration page, aka Bug ID CSCus62147.

5CVSS6.4AI score0.00328EPSS
CVE
CVE
added 2015/06/23 2:59 p.m.37 views

CVE-2015-4209

Cisco WebEx Meeting Center does not properly determine authorization for reading a host calendar, which allows remote attackers to obtain sensitive information by obtaining a list of all meetings and then sending a calendar request for each one, aka Bug ID CSCur23913.

6.4CVSS6.4AI score0.00778EPSS
CVE
CVE
added 2015/06/24 10:59 a.m.36 views

CVE-2015-4212

Cisco WebEx Meeting Center allows remote attackers to obtain sensitive information via unspecified vectors, as demonstrated by discovering credentials, aka Bug ID CSCut17466.

5CVSS6.4AI score0.00428EPSS
CVE
CVE
added 2014/07/10 11:6 a.m.35 views

CVE-2014-3311

Heap-based buffer overflow in the file-sharing feature in WebEx Meetings Client in Cisco WebEx Meetings Server and WebEx Meeting Center allows remote attackers to execute arbitrary code via crafted data, aka Bug IDs CSCup62463 and CSCup58467.

5.1CVSS8.4AI score0.03061EPSS
CVE
CVE
added 2013/12/14 10:55 p.m.34 views

CVE-2013-6970

Cisco WebEx Meeting Center allows remote attackers to obtain sensitive information by reading verbose error messages within server responses, aka Bug ID CSCul35928.

5CVSS6.4AI score0.00294EPSS
CVE
CVE
added 2015/06/23 2:59 p.m.34 views

CVE-2015-4210

Cross-site scripting (XSS) vulnerability in Cisco WebEx Meeting Center allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCur03806.

4.3CVSS5.8AI score0.00416EPSS
CVE
CVE
added 2013/12/14 10:55 p.m.31 views

CVE-2013-6961

Cross-site scripting (XSS) vulnerability in the Collaboration Partner Access Console (CPAC) in Cisco WebEx Meeting Center allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCul36237.

4.3CVSS5.8AI score0.00295EPSS
CVE
CVE
added 2013/12/14 10:55 p.m.30 views

CVE-2013-6962

Cross-site scripting (XSS) vulnerability in the mobile-browser subsystem in Cisco WebEx Meeting Center allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCul36228.

4.3CVSS5.8AI score0.00295EPSS
CVE
CVE
added 2016/05/28 1:59 a.m.27 views

CVE-2016-1410

Cisco WebEx Meeting Center Original Release Base allows remote attackers to obtain sensitive information about username validity by (1) attending or (2) hosting a meeting, aka Bug ID CSCux84312.

7.5CVSS7.3AI score0.00588EPSS