Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2017-12293

A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient limitations on the number of connections that can be made to the affected software. An attacker could exploit this vulnerability by opening multiple connections to the server and exhausting server resources. A successful exploit could cause the server to reload, resulting in a DoS condition. Cisco Bug IDs: CSCvf41006.

Published

2017-10-19T08:29:00.623

Last Modified

2025-04-20T01:37:25.860

Status

Deferred

Source

[email protected]

Severity

CVSSv3.0: 8.6 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL

Exploitability Score

10.0

Impact Score

2.9

Weaknesses

Type: Secondary
CWE-119
Type: Primary
CWE-119
CWE-400

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	cisco	webex_meetings_server	2.7	Yes

References

http://www.securityfocus.com/bid/101492 Third Party Advisory, VDB Entry ([email protected])
http://www.securitytracker.com/id/1039618 Third Party Advisory, VDB Entry ([email protected])
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171018-wms Vendor Advisory ([email protected])
http://www.securityfocus.com/bid/101492 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1039618 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171018-wms Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)