Auth bypass in Cisco Webex_meetings_server
CVE-2017-3880
An Authentication Bypass vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to access limited meeting information on the Cisco WebEx Meetings Server. More Information: CSCvd50728. Known Affected Re…
Vulnerability class: Broken Authentication
EPSS: 0.004 (59.8th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N.
Affected products
- Cisco Webex_meetings_server — versions 2.5.1.5, 2.5.1.29, 2.5.99.2
- N/a Cisco Webex Meetings Server — versions Cisco WebEx Meetings Server
Weakness classification (CWE)
References
- psirt@cisco.com (x_refsource_CONFIRM, Vendor Advisory)
- psirt@cisco.com (vdb-entry, x_refsource_SECTRACK)
- psirt@cisco.com (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_BID)
Frequently asked questions
- What is CVE-2017-3880?
- CVE-2017-3880 is a medium-severity vulnerability in Cisco Webex_meetings_server, classified under Improper Authentication. CVSS score: 6.5/10. Published 2017-03-17.
- How severe is CVE-2017-3880?
- Medium severity. CVSS v3 base score is 6.5 out of 10.