CVE-2017-12293

A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient limitations on the number of connections that can be made to the affected software. An attacker could exploit this vulnerability by opening multiple connections to the server and exhausting server resources. A successful exploit could cause the server to reload, resulting in a DoS condition. Cisco Bug IDs: CSCvf41006.

Published: Oct 19, 2017
Updated: Apr 13, 2023
CVE: CVE-2017-12293
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.6
AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:N/A:P

CWEs:

CWE-119
CWE-400

Affected Software
References

Software	From	Fixed in
cisco / webex_meetings_server	2.7	2.7.x

http://www.securityfocus.com/bid/101492
http://www.securitytracker.com/id/1039618
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171018-wms

Vulnerability Database

289,689

CVE-2017-12293