What is CVE-2017-6753?

CVE-2017-6753 is a high-severity vulnerability in Cisco Webex_event_center, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. CVSS score: 8.8/10. Published 2017-07-25.

How severe is CVE-2017-6753?

High severity. CVSS v3 base score is 8.8 out of 10.

Is CVE-2017-6753 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Cisco Webex_event_center

CVE-2017-6753

A vulnerability in Cisco WebEx browser extensions for Google Chrome and Mozilla Firefox could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the affected browser on an affected system. This vulne…

Vulnerability class: Buffer Overflow

EPSS: 0.140 (94.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.8 (High). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H.

Affected products

Cisco Webex_event_center — versions t30_base, t31_base, t32_base
Cisco Webex_meeting_center — versions t30_base, t31_base, t32_base
Cisco Webex_meetings — versions t30_base
Cisco Webex_meetings_server — versions 1.1_base, 1.5.1.6, 1.5.1.131
Cisco Webex_meetings_server_2.0 — versions mr2, mr3, mr4
Cisco Webex_meetings_server_2.0_mr8_patch — versions 1
Cisco Webex_meetings_server_2.0_mr9_patch — versions 1, 2, 3
Cisco Webex_meetings_server_2.5 — versions mr1, mr2, mr3
Cisco Webex_meetings_server_2.5_mr2_patch — versions 1
Cisco Webex_meetings_server_2.5_mr5_patch — versions 1

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

psirt@cisco.com (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_SECTRACK)
psirt@cisco.com (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_BID)
psirt@cisco.com (x_refsource_CONFIRM, Vendor Advisory)
psirt@cisco.com (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_SECTRACK)
psirt@cisco.com (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_SECTRACK)

Frequently asked questions

What is CVE-2017-6753?: CVE-2017-6753 is a high-severity vulnerability in Cisco Webex_event_center, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. CVSS score: 8.8/10. Published 2017-07-25.
How severe is CVE-2017-6753?: High severity. CVSS v3 base score is 8.8 out of 10.
Is CVE-2017-6753 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.