Webex Meetings Server

webex_meetings_server

Vendor: Cisco • 136 CVEs

CVEs (136)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2015-4281 1Cisco 1Webex Meetings Server May 6, 2026 Jul 22, 2015 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Meetings Server 2.5 MR1 allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCus56150 and CSCus56146.
CVE-2015-4276 1Cisco 1Webex Meetings Server May 6, 2026 Jul 16, 2015 N/A· v4 N/A· v3 6.5 MEDIUM· v2 Cisco WebEx Meetings Server 2.5MR1 allows remote authenticated users to execute arbitrary code via a crafted command parameter, aka Bug ID CSCus56138.
CVE-2015-0634 1Cisco 1Webex Meetings Server May 6, 2026 May 15, 2015 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in the administrative interface in Cisco WebEx Meetings Server 2.5 and 2.5.0.997 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuq...Show more Cross-site scripting (XSS) vulnerability in the administrative interface in Cisco WebEx Meetings Server 2.5 and 2.5.0.997 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuq86310.Show less
CVE-2015-0668 1Cisco 1Webex Meetings Server May 6, 2026 Mar 20, 2015 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in the administration portal in Cisco WebEx Meetings Server 2.5 and 2.5.99.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSC...Show more Cross-site scripting (XSS) vulnerability in the administration portal in Cisco WebEx Meetings Server 2.5 and 2.5.99.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCuq66737.Show less
CVE-2015-0589 1Cisco 1Webex Meetings Server May 6, 2026 Feb 7, 2015 N/A· v4 N/A· v3 9.0 HIGH· v2 The administrative web interface in Cisco WebEx Meetings Server 1.0 through 1.5 allows remote authenticated users to execute arbitrary OS commands with root privileges via unspecified fields, aka Bug ID CSCuj40460.
CVE-2015-0597 1Cisco 1Webex Meetings Server May 6, 2026 Feb 2, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The Forgot Password feature in Cisco WebEx Meetings Server 1.5(.1.131) and earlier allows remote attackers to enumerate administrative accounts via crafted packets, aka Bug IDs CSCuj67166 and CSCuj67159.
CVE-2015-0596 1Cisco 1Webex Meetings Server May 6, 2026 Feb 2, 2015 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Meetings Server 1.5(.1.131) and earlier allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuj67163.
CVE-2015-0595 1Cisco 1Webex Meetings Server May 6, 2026 Feb 2, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The XMLAPI in Cisco WebEx Meetings Server 1.5(.1.131) and earlier allows remote attackers to obtain sensitive information by reading return messages from crafted GET requests, aka Bug ID CSCuj67079.
CVE-2014-8034 1Cisco 1Webex Meetings Server May 6, 2026 Jan 15, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Cisco WebEx Meetings Server 1.5 presents the same CAPTCHA challenge for each login attempt, which makes it easier for remote attackers to obtain access via a brute-force approach of guessing usernames, aka Bug ID CSCuj40...Show more Cisco WebEx Meetings Server 1.5 presents the same CAPTCHA challenge for each login attempt, which makes it easier for remote attackers to obtain access via a brute-force approach of guessing usernames, aka Bug ID CSCuj40321.Show less
CVE-2014-8036 1Cisco 1Webex Meetings Server May 6, 2026 Jan 10, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The outlookpa component in Cisco WebEx Meetings Server does not properly validate API input, which allows remote attackers to modify a meeting's invite list via a crafted URL, aka Bug ID CSCuj40254.
CVE-2014-8035 1Cisco 1Webex Meetings Server May 6, 2026 Jan 10, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The web framework in Cisco WebEx Meetings Server produces different returned messages for URL requests depending on whether a username exists, which allows remote attackers to enumerate user accounts via a series of requ...Show more The web framework in Cisco WebEx Meetings Server produces different returned messages for URL requests depending on whether a username exists, which allows remote attackers to enumerate user accounts via a series of requests, aka Bug ID CSCuj40247.Show less
CVE-2014-8033 1Cisco 1Webex Meetings Server May 6, 2026 Jan 9, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The play/modules component in Cisco WebEx Meetings Server allows remote attackers to obtain administrator access via crafted API requests, aka Bug ID CSCuj40421.
CVE-2014-8032 1Cisco 1Webex Meetings Server May 6, 2026 Jan 9, 2015 N/A· v4 N/A· v3 4.0 MEDIUM· v2 The OutlookAction LI in Cisco WebEx Meetings Server allows remote authenticated users to obtain sensitive encrypted-password information via unspecified vectors, aka Bug IDs CSCuj40453 and CSCuj40449.
CVE-2014-8031 1Cisco 1Webex Meetings Server May 6, 2026 Jan 9, 2015 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Meetings Server allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuj40456.
CVE-2014-8030 1Cisco 1Webex Meetings Server May 6, 2026 Jan 9, 2015 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in sendPwMail.do in Cisco WebEx Meetings Server allows remote attackers to inject arbitrary web script or HTML via the email parameter, aka Bug ID CSCuj40381.
CVE-2014-3400 1Cisco 1Webex Meetings Server May 6, 2026 Oct 5, 2014 N/A· v4 N/A· v3 4.0 MEDIUM· v2 Cisco WebEx Meetings Server allows remote authenticated users to obtain sensitive information by reading logs, aka Bug IDs CSCuq36417 and CSCuq40344.
CVE-2014-3395 1Cisco 1Webex Meetings Server May 6, 2026 Sep 30, 2014 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Cisco WebEx Meetings Server (WMS) 2.5 allows remote attackers to trigger the download of arbitrary files via a crafted URL, aka Bug ID CSCup10343.
CVE-2014-3302 1Cisco 1Webex Meetings Server May 6, 2026 Aug 1, 2014 N/A· v4 N/A· v3 5.8 MEDIUM· v2 user.php in Cisco WebEx Meetings Server 1.5(.1.131) and earlier does not properly implement the token timer for authenticated encryption, which allows remote attackers to obtain sensitive information via a crafted URL, a...Show more user.php in Cisco WebEx Meetings Server 1.5(.1.131) and earlier does not properly implement the token timer for authenticated encryption, which allows remote attackers to obtain sensitive information via a crafted URL, aka Bug ID CSCuj81708.Show less
CVE-2014-3304 1Cisco 1Webex Meetings Server May 6, 2026 Jul 28, 2014 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The OutlookAction Class in Cisco WebEx Meetings Server allows remote attackers to enumerate user accounts by entering crafted URLs and examining the returned messages, aka Bug ID CSCuj81722.
CVE-2014-3303 1Cisco 1Webex Meetings Server May 6, 2026 Jul 28, 2014 N/A· v4 N/A· v3 4.0 MEDIUM· v2 The web framework in Cisco WebEx Meetings Server does not properly restrict the content of query strings, which allows remote attackers to obtain sensitive information by reading (1) web-server access logs, (2) web-serve...Show more The web framework in Cisco WebEx Meetings Server does not properly restrict the content of query strings, which allows remote attackers to obtain sensitive information by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history, aka Bug ID CSCuj81713.Show less

Previous 1 2 3 4 567 Next