CVE-2017-12293
HIGHCisco WebEx Meetings Server - Unauthenticated Denial of Service via Connection Exhaustion
Title source: llmDescription
A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient limitations on the number of connections that can be made to the affected software. An attacker could exploit this vulnerability by opening multiple connections to the server and exhausting server resources. A successful exploit could cause the server to reload, resulting in a DoS condition. Cisco Bug IDs: CSCvf41006.
References (3)
Core 3
Core References
Vendor Advisory x_refsource_confirm
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171018-wms
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/101492
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1039618
Scores
CVSS v3
8.6
EPSS
0.0230
EPSS Percentile
81.1%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Details
CWE
CWE-119
CWE-400
Status
published
Products (2)
cisco/webex_meetings_server
2.7
n/a/Cisco WebEx Meetings Server
Cisco WebEx Meetings Server
Published
Oct 19, 2017
Tracked Since
Feb 18, 2026