CVE-2017-3811

An XML External Entity vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to have read access to part of the information stored in the affected system. More Information: CSCvc39165. Known Affected Releases: 2.6. Known Fixed Releases: 2.7.1.2054.

Published: Mar 17, 2017
Updated: Apr 13, 2023
CVE: CVE-2017-3811
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.5
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVSS v2:

Severity: Low
Score: 4
AV:N/AC:L/Au:S/C:P/I:N/A:N

CWEs:

CWE-611

OWASP TOP 10:

A4 - XML External Entities (XXE)

Affected Software
References

Software	From	Fixed in
cisco / webex_meetings_server	2.6	2.6.x

http://www.securityfocus.com/bid/96912
http://www.securitytracker.com/id/1038042
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-wms

Vulnerability Database

289,599

CVE-2017-3811