CVE-2017-12297
A vulnerability in Cisco WebEx Meeting Center could allow an authenticated, remote attacker to initiate connections to arbitrary hosts, aka a "URL Redirection Vulnerability." The vulnerability is due to insufficient access control for HTTP traffic directed to the Cisco WebEx Meeting Center. An attacker could exploit this vulnerability by sending a malicious URL to the Cisco WebEx Meeting Center. An exploit could allow the attacker to connect to arbitrary hosts. Cisco Bug IDs: CSCvf63843.
| Software | From | Fixed in |
|---|---|---|
| cisco / webex_meeting_center | t31-sp8 | t31-sp8.x |
| cisco / webex_meeting_center | t31-sp9 | t31-sp9.x |
| cisco / webex_meeting_center | t30-sp7 | t30-sp7.x |
| cisco / webex_meeting_center | t30-sp8 | t30-sp8.x |
| cisco / webex_meeting_center | t30-sp9 | t30-sp9.x |
| cisco / webex_meeting_center | t32 | t32.x |
| cisco / webex_meeting_center | t32.3 | t32.3.x |
| cisco / webex_meeting_center | t32.4 | t32.4.x |
| cisco / webex_meeting_center | t32.6 | t32.6.x |
| cisco / webex_meeting_center | t32.7 | t32.7.x |
| cisco / webex_meeting_center | t32.8 | t32.8.x |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime