CVE-2017-3795

Опубликовано: 26 янв. 2017

Источник: nvd

CVSS3: 5.4

CVSS2: 6.5

EPSS Низкий

Описание

A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to conduct arbitrary password changes against any non-administrative user. More Information: CSCuz03345. Known Affected Releases: 2.6. Known Fixed Releases: 2.7.1.12.

Ссылки

http://www.securityfocus.com/bid/95643
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1037650
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-wms1
Vendor Advisory
http://www.securityfocus.com/bid/95643
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1037650
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170118-wms1
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:cisco:webex_meetings_server:2.6.0:*:*:*:*:*:*:*

EPSS

Процентиль: 30%

0.00113

Низкий

5.4 Medium

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-287

Связанные уязвимости

GHSA-9xqc-m7wj-2pvm