CVE-2017-3880

Published Mar 17, 2017

Last updated 3 months ago

CVSS medium 6.5

Overview

Description: An Authentication Bypass vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to access limited meeting information on the Cisco WebEx Meetings Server. More Information: CSCvd50728. Known Affected Releases: 2.6 2.7 2.8 CWMS-2.5MR1 Orion1.1.2.patch T29_orion_merge.
Source: ykramarz@cisco.com
NVD status: Modified

Risk scores

CVSS 3.0

Type: Primary
Base score: 6.5
Impact score: 2.5
Exploitability score: 3.9
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 6.4
Impact score: 4.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-287

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.5.1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D5C7BE43-0F81-4550-813E-66D0844E9291"
          },
          {
            "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.5.1.29:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9043AE98-9A13-46F8-8E8A-BEC9E8EE0843"
          },
          {
            "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.5.99.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A8289371-84B7-4342-9EA6-2844A9C5DCDB"
          },
          {
            "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.5_base:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9F4AF5A4-1B99-43F8-A659-7C57B033F2A2"
          },
          {
            "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.5_mr1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2F492431-5AE7-439F-81F1-B96EAD773E0E"
          },
          {
            "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.5_mr2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2EC640D5-C840-4ABB-BD22-9B60BBFE8DD2"
          },
          {
            "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.5_mr2:patch_1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F8226AF9-F7BA-4B99-86DE-9D8384E9BB35"
          },
          {
            "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.5_mr3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FEB2094F-B0E1-4129-BFD6-9FE1687B0AA9"
          },
          {
            "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.5_mr4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "16B75EA6-516D-4550-B83D-E0EFDAA25208"
          },
          {
            "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.5_mr5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "48A2A712-E8FD-460F-9A3C-3760082B8920"
          },
          {
            "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.5_mr5:patch_1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A72AC27A-5D0C-45A4-9EDC-C7A4885D76BB"
          },
          {
            "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.5_mr6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8F6F5080-355B-4A85-8DF4-D75D6A550C6E"
          },
          {
            "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.5_mr6:patch_1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2EC4CC18-3321-468F-8350-9304D4F7CCE4"
          },
          {
            "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.5_mr6:patch_2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4204B5A3-61FA-4534-95FC-6E18587BAE5F"
          },
          {
            "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.5_mr6:patch_3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C337D2B9-31C7-4CDF-B6DE-E96AEE74284E"
          },
          {
            "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.5_mr6:patch_4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7BC30D42-1765-4D7A-A2EF-5EDE2F2C669D"
          },
          {
            "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F8745FD6-B0B3-46A9-9254-7B13877D7080"
          },
          {
            "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.6.1.39:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "794B669D-5A30-49CA-9F35-8F7AA5A2DF62"
          },
          {
            "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.6_mr1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9881CF16-F617-48DA-8CB8-08C3D943CCD6"
          },
          {
            "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.6_mr1:patch_1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4A7EAC01-0854-4647-881C-9C707DD00CFC"
          },
          {
            "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.6_mr2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4FFFB01B-1B4F-4072-A68C-98C538DE34ED"
          },
          {
            "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.6_mr2:patch_1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FBF1772B-AE24-4647-99A7-BFE69B6377BC"
          },
          {
            "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.6_mr3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9309C030-2F02-4E7E-B3E3-035B93DD1E0A"
          },
          {
            "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.6_mr3:patch_1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2E62E655-5A35-4CD8-A863-799419D584B5"
          },
          {
            "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.6_mr3:patch_2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EA824C93-C355-4649-8FC9-1A8DDFC6C16E"
          },
          {
            "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ABA0048F-B88D-47F6-89D6-B7EDDECBF700"
          },
          {
            "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.7_base:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "30ECA8FE-D587-4692-AA90-9706E44BAC1D"
          },
          {
            "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.7_mr1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6DCD22A8-7E04-4782-AEB2-07878925A2AF"
          },
          {
            "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.7_mr1:patch_1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "462FEEFC-E1FB-4A2F-81D7-B28B14689E55"
          },
          {
            "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.7_mr2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "396253A5-EC5F-429B-ABF3-20CB0A56E658"
          },
          {
            "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.7_mr2:patch_1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "17E96226-8039-4CBB-A8DC-B7BC349E3D40"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References