Cisco Webex Meeting Center — known CVE vulnerabilities
Every CVE whose affected-product data names Cisco Webex Meeting Center, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (31)
CVE-2017-6753 — CVSS 8.8 (high): A vulnerability in Cisco WebEx browser extensions for Google Chrome and Mozilla Firefox could allow an unauthenticated, remote attacker to…
CVE-2017-3823 — CVSS 8.8 (high): An issue was discovered in the Cisco WebEx Extension before 1.0.7 on Google Chrome, the ActiveTouch General Plugin Container before 106 on…
CVE-2015-4208 — CVSS 7.5 (high): Cisco WebEx Meeting Center does not properly restrict the content of URLs in GET requests, which allows remote attackers to obtain…
CVE-2016-1410 — CVSS 7.5 (high): Cisco WebEx Meeting Center Original Release Base allows remote attackers to obtain sensitive information about username validity by (1)…
CVE-2015-6360 — CVSS 7.5 (high): The encryption-processing feature in Cisco libSRTP before 1.5.3 allows remote attackers to cause a denial of service via crafted fields in…
CVE-2010-3270 — CVSS 6.8 (medium): Stack-based buffer overflow in Cisco WebEx Meeting Center T27LB before SP21 EP3 and T27LC before SP22 allows user-assisted remote…
CVE-2017-12359 — CVSS 6.5 (medium): A Buffer Overflow vulnerability in Cisco WebEx Network Recording Player for Advanced Recording Format (.arf) files could allow an attacker…
CVE-2015-4209 — CVSS 6.4 (medium): Cisco WebEx Meeting Center does not properly determine authorization for reading a host calendar, which allows remote attackers to obtain…
CVE-2017-12366 — CVSS 6.1 (medium): A vulnerability in Cisco WebEx Meeting Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS)…
CVE-2017-12298 — CVSS 6.1 (medium): A vulnerability in Cisco WebEx Meeting Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS)…
CVE-2017-12286 — CVSS 5.5 (medium): A vulnerability in the web interface of Cisco Jabber could allow an authenticated, local attacker to retrieve user profile information from…
CVE-2017-3799 — CVSS 5.4 (medium): A vulnerability in a URL parameter of Cisco WebEx Meeting Center could allow an unauthenticated, remote attacker to perform site…
CVE-2019-15987 — CVSS 5.3 (medium): A vulnerability in web interface of the Cisco Webex Event Center, Cisco Webex Meeting Center, Cisco Webex Support Center, and Cisco Webex…
CVE-2014-3311 — CVSS 5.1 (medium): Heap-based buffer overflow in the file-sharing feature in WebEx Meetings Client in Cisco WebEx Meetings Server and WebEx Meeting Center…
CVE-2015-4212 — CVSS 5.0 (medium): Cisco WebEx Meeting Center allows remote attackers to obtain sensitive information via unspecified vectors, as demonstrated by discovering…
CVE-2013-6970 — CVSS 5.0 (medium): Cisco WebEx Meeting Center allows remote attackers to obtain sensitive information by reading verbose error messages within server…
CVE-2017-12297 — CVSS 5.0 (medium): A vulnerability in Cisco WebEx Meeting Center could allow an authenticated, remote attacker to initiate connections to arbitrary hosts, aka…
CVE-2014-0708 — CVSS 5.0 (medium): WebEx Meeting Center in Cisco WebEx Business Suite does not properly compose URLs for HTTP GET requests, which allows remote attackers to…
CVE-2015-0590 — CVSS 5.0 (medium): Cisco WebEx Meeting Center allows remote attackers to activate disabled meeting attributes, and consequently obtain sensitive information…
CVE-2015-4194 — CVSS 5.0 (medium): The web-based administrative interface in Cisco WebEx Meeting Center provides different error messages for failed login attempts depending…
CVE-2015-4207 — CVSS 5.0 (medium): Cisco WebEx Meeting Center places a meeting's access number in a URL, which allows remote attackers to obtain sensitive information and…
CVE-2014-2199 — CVSS 5.0 (medium): meetinginfo.do in Cisco WebEx Event Center, WebEx Meeting Center, WebEx Sales Center, WebEx Training Center, WebEx Meetings Server…
CVE-2015-0583 — CVSS 5.0 (medium): Cisco WebEx Meeting Center does not properly restrict the content of URLs, which allows remote attackers to obtain sensitive information…
CVE-2014-3310 — CVSS 4.3 (medium): The File Transfer feature in WebEx Meetings Client in Cisco WebEx Meetings Server and WebEx Meeting Center does not verify that a requested…
CVE-2015-4210 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in Cisco WebEx Meeting Center allows remote attackers to inject arbitrary web script or HTML via a…
CVE-2013-6962 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the mobile-browser subsystem in Cisco WebEx Meeting Center allows remote attackers to inject…
CVE-2017-12360 — CVSS 4.3 (medium): A vulnerability in Cisco WebEx Network Recording Player for WebEx Recording Format (WRF) files could allow an attacker to cause a denial of…
CVE-2017-12365 — CVSS 4.3 (medium): A vulnerability in Cisco WebEx Event Center could allow an authenticated, remote attacker to view unlisted meeting information. The…
CVE-2013-6961 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the Collaboration Partner Access Console (CPAC) in Cisco WebEx Meeting Center allows remote…
CVE-2013-6960 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in Cisco WebEx Meeting Center allow remote attackers to inject arbitrary web script or…
CVE-2013-6964 — CVSS 3.5 (low): Cisco WebEx Meeting Center allows remote authenticated users to bypass access control and inject content from a different WebEx site via…