CVE-2018-0108

Name of the Vulnerable Software and Affected Versions: Cisco WebEx Meetings Server (affected versions not specified)

Description: A vulnerability could allow an unauthenticated, remote attacker to collect customer files via an out-of-band XML External Entity (XXE) injection. This could enable the attacker to gain information for additional reconnaissance attacks by capturing customer files and redirecting them to another destination address, potentially discovering sensitive customer data.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.