← Back

CVE-2017-3880

nvd nist
Published: Mar 17, 2017Modified: May 13, 2026

JSON object

Loading...
6.5
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Exploitability: 3.9 / Impact: 2.5
Source: NVD

Description

An Authentication Bypass vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to access limited meeting information on the Cisco WebEx Meetings Server. More Information: CSCvd50728. Known Affected Releases: 2.6 2.7 2.8 CWMS-2.5MR1 Orion1.1.2.patch T29_orion_merge.

Affected (31)

Cisco
1 product
Webex Meetings Server
Configuration A
31 vulnerable
Vulnerable SoftwareAffected Versions
Cisco
Webex Meetings Server
Version 2.5.1.29
Webex Meetings Server
Version 2.5.1.5
Webex Meetings Server
Version 2.5.99.2
Webex Meetings Server
Version 2.5_base
Webex Meetings Server
Version 2.5_mr1
Webex Meetings Server
Version 2.5_mr2
Webex Meetings Server
Version 2.5_mr2 patch_1
Webex Meetings Server
Version 2.5_mr3
Webex Meetings Server
Version 2.5_mr4
Webex Meetings Server
Version 2.5_mr5
Webex Meetings Server
Version 2.5_mr5 patch_1
Webex Meetings Server
Version 2.5_mr6
Webex Meetings Server
Version 2.5_mr6 patch_1
Webex Meetings Server
Version 2.5_mr6 patch_2
Webex Meetings Server
Version 2.5_mr6 patch_3
Webex Meetings Server
Version 2.5_mr6 patch_4
Webex Meetings Server
Version 2.6.0
Webex Meetings Server
Version 2.6.1.39
Webex Meetings Server
Version 2.6_mr1
Webex Meetings Server
Version 2.6_mr1 patch_1
Webex Meetings Server
Version 2.6_mr2
Webex Meetings Server
Version 2.6_mr2 patch_1
Webex Meetings Server
Version 2.6_mr3
Webex Meetings Server
Version 2.6_mr3 patch_1
Webex Meetings Server
Version 2.6_mr3 patch_2
Webex Meetings Server
Version 2.7.1
Webex Meetings Server
Version 2.7_base
Webex Meetings Server
Version 2.7_mr1
Webex Meetings Server
Version 2.7_mr1 patch_1
Webex Meetings Server
Version 2.7_mr2
Webex Meetings Server
Version 2.7_mr2 patch_1

Related CWEs

CWE-287
Improper Authentication
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

References (6)

Source: psirt@cisco.com
Third Party AdvisoryVDB Entry
Source: psirt@cisco.com
Source: psirt@cisco.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.