CVE-2017-3880

MEDIUM

Cisco WebEx Meetings Server - Auth Bypass

Title source: llm
STIX 2.1

Description

An Authentication Bypass vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to access limited meeting information on the Cisco WebEx Meetings Server. More Information: CSCvd50728. Known Affected Releases: 2.6 2.7 2.8 CWMS-2.5MR1 Orion1.1.2.patch T29_orion_merge.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1038040
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/96918

Scores

CVSS v3 6.5
EPSS 0.0145
EPSS Percentile 70.1%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Details

CWE
CWE-287
Status published
Products (20)
cisco/webex_meetings_server 2.5.1.5
cisco/webex_meetings_server 2.5.1.29
cisco/webex_meetings_server 2.5.99.2
cisco/webex_meetings_server 2.5_base
cisco/webex_meetings_server 2.5_mr1
cisco/webex_meetings_server 2.5_mr2 (2 CPE variants)
cisco/webex_meetings_server 2.5_mr3
cisco/webex_meetings_server 2.5_mr4
cisco/webex_meetings_server 2.5_mr5 (2 CPE variants)
cisco/webex_meetings_server 2.5_mr6 (5 CPE variants)
... and 10 more
Published Mar 17, 2017
Tracked Since Feb 18, 2026