PT-2017-12531 · Cisco · Cisco Webex Event Center

Publicado

2017-11-30

Atualizado

2019-10-09

CVE-2017-12365

CVSS v3.1

4.3

Média

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Cisco WebEx Event Center (affected versions not specified)

Description A design flaw in the product allows an authenticated, remote attacker to view unlisted meeting information by executing a query on an Event Center site. This query can display both listed and unlisted meetings, potentially allowing attackers to attend meetings they are not supposed to attend.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200

Identificadores relacionados

CVE-2017-12365

Produtos afetados

Cisco Webex Event Center

PT-2017-12531 · Cisco · Cisco Webex Event Center

CVE-2017-12365

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5