Lucene search
K
CiscoWebex Meeting Center

31 matches found

CVE
CVE
added 2017/02/01 11:0 a.m.160 views

CVE-2017-3823

The CVE-2017-3823 issue affects Cisco WebEx browser extensions: Chrome WebEx Extension prior to 1.0.7, Firefox’s ActiveTouch General Plugin Container prior to 106, Internet Explorer’s GpcContainer ActiveX control prior to 10031.6.2017.0126, and Internet Explorer’s Download Manager ActiveX control...

9.3CVSS8.8AI score0.27231EPSS
CVE
CVE
added 2016/04/21 10:0 a.m.127 views

CVE-2015-6360

CVE-2015-6360 affects libsrtp/libSRTP, with several advisories noting that the encryption-processing feature allows remote DoS via crafted SRTP packets. The root cause in the reports is improper handling of CSRC count and extension header length in RTP headers, leading to vulnerable RTP processin...

7.8CVSS7.1AI score0.08277EPSS
CVE
CVE
added 2017/07/25 7:0 p.m.102 views

CVE-2017-6753

Cisco WebEx browser extensions for Chrome/Firefox (pre-1.0.12) are vulnerable to remote code execution due to a design flaw in the atgpcext library, allowing an unauthenticated attacker to run arbitrary code with the privileges of the affected browser when a user visits a crafted page. Affected p...

9.3CVSS8.6AI score0.05951EPSS
CVE
CVE
added 2019/11/26 3:42 a.m.99 views

CVE-2019-15987

CVE-2019-15987 affects Cisco Webex Centers suite (Webex Event Center, Meeting Center, Support Center, Training Center). Root cause: missing CAPTCHA on select URLs allows unauthenticated, remote attacker to enumerate usernames and potentially obtain real names. Impact is information disclosure (no...

5.3CVSS5.2AI score0.01581EPSS
CVE
CVE
added 2017/10/19 8:0 a.m.72 views

CVE-2017-12298

CVE-2017-12298 affects Cisco WebEx Meeting Center. The issue is cross-site scripting (XSS) caused by insufficient input validation in parameters passed to the web server, allowing an unauthenticated, remote attacker to trick a user into following a malicious link or inject code into requests. Exp...

6.1CVSS6AI score0.0122EPSS
CVE
CVE
added 2017/11/30 9:0 a.m.70 views

CVE-2017-12366

Cisco WebEx Meeting Center is affected by CVE-2017-12366 through insufficient input validation of parameters sent to the web server, enabling an unauthenticated, remote attacker to perform cross-site scripting (XSS). Exploitation requires convincing a user to follow a malicious link or intercepti...

6.1CVSS6AI score0.0122EPSS
CVE
CVE
added 2017/10/19 8:0 a.m.64 views

CVE-2017-12286

Cisco Jabber web interface vulnerability (CVE-2017-12286) allows an authenticated, local attacker to retrieve full user profile information due to insufficient input/validation checks. Affected releases are all Cisco Jabber versions prior to 1.9.31. Exploitation requires local authentication and ...

5.5CVSS5.3AI score0.00357EPSS
CVE
CVE
added 2011/02/02 10:0 p.m.63 views

CVE-2010-3270

CVE-2010-3270 covers two WebEx vulnerabilities: a stack-based buffer overflow in Cisco WebEx Meeting Center (polling via .atp) and in WebEx Player-related .wrf/.atp handling. Public writeups (CORE-2010-1001) describe that WebEx Meeting Center T27LB before SP21 EP3 and T27LC before SP22 is suscept...

6.8CVSS7.9AI score0.04185EPSS
CVE
CVE
added 2015/06/19 1:0 a.m.63 views

CVE-2015-4194

Cisco WebEx Meeting Center’s web-based admin interface is vulnerable to user enumeration via inconsistent login error messages. An unauthenticated, remote attacker can determine whether a username exists and whether it has administrative privileges, per Cisco advisory Cisco-SA-20150618-CVE-2015-4...

5CVSS6.4AI score0.02628EPSS
CVE
CVE
added 2017/11/30 9:0 a.m.62 views

CVE-2017-12359

Converging sources confirm CVE-2017-12359 is a buffer overflow in the Cisco WebEx Network Recording Player for Advanced Recording Format (.arf) files. The vulnerability allows an attacker to achieve arbitrary code execution on a target system by convincing a user to open a malicious .arf file del...

6.5CVSS7AI score0.01674EPSS
CVE
CVE
added 2013/12/14 10:0 p.m.61 views

CVE-2013-6960

Cisco WebEx Meeting Center contains multiple cross-site scripting (XSS) vulnerabilities that allow remote attackers to inject arbitrary scripts via crafted URLs. The underlying cause, per the Cisco advisory, is insufficient validation of user-supplied input. Exploitation details in the provided d...

4.3CVSS5.8AI score0.01951EPSS
CVE
CVE
added 2017/11/30 9:0 a.m.59 views

CVE-2017-12360

CVE-2017-12360 is a vulnerability in Cisco WebEx Network Recording Player for WebEx Recording Format (WRF) files. The issue allows a remote attacker to cause a denial-of-service by convincing a user to open a malicious WRF file (delivered via email or URL), causing the affected WebEx Player to cr...

4.3CVSS4.7AI score0.01009EPSS
CVE
CVE
added 2017/11/30 9:0 a.m.59 views

CVE-2017-12365

CVE-2017-12365 affects Cisco WebEx Event Center. A design flaw allows an authenticated, remote attacker to query the Event Center site and view both listed and unlisted meetings, enabling potential attendance of meetings not accessible to them. Root cause is a information-disclosure design weakne...

4.3CVSS4.6AI score0.01239EPSS
CVE
CVE
added 2017/01/26 7:45 a.m.58 views

CVE-2017-3799

CVE-2017-3799 concerns a URL-parameter open-redirect vulnerability in Cisco WebEx (WebEx Meeting Center). The Cisco advisory attributes the issue to insufficient input validation, where an attacker could craft a link containing a remote site URL in the affected parameter to redirect users to a ma...

5.8CVSS5.4AI score0.01021EPSS
Web
CVE
CVE
added 2014/05/20 10:0 a.m.54 views

CVE-2014-2199

CVE-2014-2199 affects Cisco WebEx components (Event Center, Meeting Center, Sales Center, Training Center, WebEx Meetings Server 1.5(.1.131) and earlier) and WebEx Business Suite; vulnerable are versions before 27.32.31.16 (27.x), before 28.12.13.18 (28.x), and before 29.5.1.12 (29.x). The vulner...

5CVSS6.4AI score0.01652EPSS
CVE
CVE
added 2017/11/30 9:0 a.m.54 views

CVE-2017-12297

CVE-2017-12297 affects Cisco WebEx Meeting Center and is described as a URL redirection vulnerability caused by insufficient access control on HTTP traffic directed to the Meeting Center. An authenticated, remote attacker could exploit a crafted URL to cause the Meeting Center to initiate connect...

5CVSS5.2AI score0.0117EPSS
CVE
CVE
added 2015/01/17 11:0 a.m.53 views

CVE-2015-0590

CVE-2015-0590 affects Cisco WebEx Meeting Center. The issue stems from improper checking of certain meeting-join parameters, allowing remote, unauthenticated attackers to enable meeting features that were explicitly disabled by the organizer, potentially exposing sensitive information. Cisco’s ad...

5CVSS6.7AI score0.02049EPSS
CVE
CVE
added 2013/12/14 10:0 p.m.52 views

CVE-2013-6964

Cisco WebEx Business Suite Site Access Control Bypass (CVE-2013-6964) permits an authenticated, remote attacker to inject content from their own WebEx site into another WebEx site due to insufficient validation of user input. Exploitation requires a crafted URL and authenticated access; impact is...

3.5CVSS6.4AI score0.01618EPSS
CVE
CVE
added 2015/06/23 2:0 p.m.52 views

CVE-2015-4209

Cisco WebEx Meeting Center is affected by an information-disclosure vulnerability (CVE-2015-4209) where remote attackers can read a host calendar without proper authorization. The root cause is inconsistent authorization checks, enabling an attacker to enumerate hosted meetings and subsequently i...

6.4CVSS6.4AI score0.03116EPSS
CVE
CVE
added 2014/03/20 8:0 p.m.49 views

CVE-2014-0708

CVE-2014-0708 affects WebEx Meeting Center in Cisco WebEx Business Suite. The issue arises from improper URL composition for HTTP GET requests, which could allow remote attackers to read sensitive data from server access logs, Referer logs, or a browser history (Bug ID CSCul98272). Root cause: in...

5CVSS6.4AI score0.01196EPSS
CVE
CVE
added 2014/07/10 10:0 a.m.49 views

CVE-2014-3310

The Cisco advisory for CVE-2014-3310 reports an authentication-free, remote arbitrary file download vulnerability in the File Transfer feature of WebEx Meetings Client/Server/Meeting Center. The issue arises because the receiving client does not verify that the requested file matches the offered ...

4.3CVSS6.8AI score0.01204EPSS
CVE
CVE
added 2014/07/10 10:0 a.m.49 views

CVE-2014-3311

Cisco WebEx Meetings Client vulnerability CVE-2014-3311 is a heap-based buffer overflow in the file-sharing feature of the WebEx Meetings Client used with WebEx Meetings Server and WebEx Meeting Center. The root cause is improper bounds checking during data transfer, allowing an unauthenticated r...

5.1CVSS8.4AI score0.03413EPSS
CVE
CVE
added 2015/06/24 10:0 a.m.49 views

CVE-2015-4208

The connected documents provide concrete details for CVE-2015-4208 affecting Cisco WebEx Meeting Center . The vulnerability arises from inadequate restriction of the content of URLs in GET requests , allowing remote, unauthenticated attackers to either obtain sensitive information or perform SQL ...

7.5CVSS7AI score0.02555EPSS
CVE
CVE
added 2015/01/14 7:0 p.m.48 views

CVE-2015-0583

CVE-2015-0583 affects Cisco WebEx Meetings Server/Meeting Center. A vulnerability in the file: URI handling could cause information disclosure by unauthenticated remote attackers who view application URL requests containing sensitive data. Impact is sensitive information exposure via URLs; adviso...

5CVSS6.2AI score0.01354EPSS
CVE
CVE
added 2016/05/28 1:0 a.m.48 views

CVE-2016-1410

CVE-2016-1410 affects Cisco WebEx Meeting Center (Original Release Base). The vulnerability allows remote attackers to determine whether a username exists by participating in or hosting a meeting, enabling information disclosure of username validity. Documented impact values include CVSSv2/3 base...

7.5CVSS7.3AI score0.02337EPSS
CVE
CVE
added 2015/06/23 2:0 p.m.47 views

CVE-2015-4207

Cisco WebEx Meeting Center is affected by CVE-2015-4207, where a meeting access number is exposed in the URL, enabling remote disclosure of sensitive information and bypass of attendance restrictions by visiting the meeting-registration page. The root cause is the inclusion of the access number i...

5CVSS6.4AI score0.02709EPSS
CVE
CVE
added 2015/06/24 10:0 a.m.47 views

CVE-2015-4212

Cisco WebEx Meeting Center is affected by CVE-2015-4212, where an unauthenticated, remote attacker can obtain sensitive information, including credentials, due to improper handling of requests in the Cisco WebEx Meeting Center implementation. Multiple sources describe exposure of data and credent...

5CVSS6.4AI score0.02628EPSS
CVE
CVE
added 2013/12/14 10:0 p.m.46 views

CVE-2013-6970

Cisco WebEx Meeting Center is affected by CVE-2013-6970, where remote attackers can obtain sensitive information by reading verbose error messages in server responses (Bug ID CSCul35928). The entry notes a medium severity (CVSS v2 base score 5.0) with network access and no authentication required...

5CVSS6.4AI score0.01369EPSS
CVE
CVE
added 2015/06/23 2:0 p.m.46 views

CVE-2015-4210

CVE-2015-4210 is a reflected XSS vulnerability in Cisco WebEx Meetings Center. The issue allows remote attackers to trigger arbitrary script/HTML by sending a specially crafted URL, affecting the WebEx Meetings Center component. Cisco’s advisory states the vulnerability is due to insufficient inp...

4.3CVSS5.8AI score0.02162EPSS
CVE
CVE
added 2013/12/14 10:0 p.m.43 views

CVE-2013-6961

CVE-2013-6961 concerns the Collaboration Partner Access Console (CPAC) in Cisco WebEx Meeting Center. The advisory and related sources describe an unauthenticated, remote cross-site scripting (XSS) vulnerability caused by insufficient validation of user-supplied input. An attacker could lure a us...

4.3CVSS5.8AI score0.01792EPSS
CVE
CVE
added 2013/12/14 10:0 p.m.41 views

CVE-2013-6962

The CVE-2013-6962 issue affects Cisco WebEx Meeting Center, specifically the mobile-browser subsystem, where an unauthenticated, remote attacker can trigger a cross-site scripting (XSS) attack by convincing a user to open a crafted URL. The vulnerability leverages insufficient validation of user-...

4.3CVSS5.8AI score0.01792EPSS