CVE-2017-3880 (GCVE-0-2017-3880)
Vulnerability from cvelistv5
Published
2017-03-17 22:00
Modified
2024-08-05 14:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Authentication Bypass Vulnerability
Summary
An Authentication Bypass vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to access limited meeting information on the Cisco WebEx Meetings Server. More Information: CSCvd50728. Known Affected Releases: 2.6 2.7 2.8 CWMS-2.5MR1 Orion1.1.2.patch T29_orion_merge.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Cisco WebEx Meetings Server |
Version: Cisco WebEx Meetings Server |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:39:41.095Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-webex"
},
{
"name": "1038040",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038040"
},
{
"name": "96918",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96918"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco WebEx Meetings Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco WebEx Meetings Server"
}
]
}
],
"datePublic": "2017-03-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An Authentication Bypass vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to access limited meeting information on the Cisco WebEx Meetings Server. More Information: CSCvd50728. Known Affected Releases: 2.6 2.7 2.8 CWMS-2.5MR1 Orion1.1.2.patch T29_orion_merge."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Authentication Bypass Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-11T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-webex"
},
{
"name": "1038040",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038040"
},
{
"name": "96918",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96918"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2017-3880",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco WebEx Meetings Server",
"version": {
"version_data": [
{
"version_value": "Cisco WebEx Meetings Server"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Authentication Bypass vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to access limited meeting information on the Cisco WebEx Meetings Server. More Information: CSCvd50728. Known Affected Releases: 2.6 2.7 2.8 CWMS-2.5MR1 Orion1.1.2.patch T29_orion_merge."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication Bypass Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-webex",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-webex"
},
{
"name": "1038040",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038040"
},
{
"name": "96918",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96918"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2017-3880",
"datePublished": "2017-03-17T22:00:00",
"dateReserved": "2016-12-21T00:00:00",
"dateUpdated": "2024-08-05T14:39:41.095Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2017-3880\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2017-03-17T22:59:00.610\",\"lastModified\":\"2025-04-20T01:37:25.860\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An Authentication Bypass vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to access limited meeting information on the Cisco WebEx Meetings Server. More Information: CSCvd50728. Known Affected Releases: 2.6 2.7 2.8 CWMS-2.5MR1 Orion1.1.2.patch T29_orion_merge.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de desv\u00edo de autenticaci\u00f3n en Cisco WebEx Meetings Server podr\u00eda permitir que un atacante remoto no autenticado acceda a la informaci\u00f3n limitada de reuniones en el servidor de Cisco WebEx Meetings. M\u00e1s informaci\u00f3n: CSCvd50728. Lanzamientos afectados conocidos: 2.6 2.7 2.8 CWMS-2.5MR1 Orion1.1.2.patch T29_orion_merge.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":2.5}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:N\",\"baseScore\":6.4,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-287\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_meetings_server:2.5.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5C7BE43-0F81-4550-813E-66D0844E9291\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_meetings_server:2.5.1.29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9043AE98-9A13-46F8-8E8A-BEC9E8EE0843\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_meetings_server:2.5.99.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8289371-84B7-4342-9EA6-2844A9C5DCDB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_meetings_server:2.5_base:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F4AF5A4-1B99-43F8-A659-7C57B033F2A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_meetings_server:2.5_mr1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F492431-5AE7-439F-81F1-B96EAD773E0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_meetings_server:2.5_mr2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2EC640D5-C840-4ABB-BD22-9B60BBFE8DD2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_meetings_server:2.5_mr2:patch_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8226AF9-F7BA-4B99-86DE-9D8384E9BB35\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_meetings_server:2.5_mr3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FEB2094F-B0E1-4129-BFD6-9FE1687B0AA9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_meetings_server:2.5_mr4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16B75EA6-516D-4550-B83D-E0EFDAA25208\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_meetings_server:2.5_mr5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48A2A712-E8FD-460F-9A3C-3760082B8920\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_meetings_server:2.5_mr5:patch_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A72AC27A-5D0C-45A4-9EDC-C7A4885D76BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_meetings_server:2.5_mr6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F6F5080-355B-4A85-8DF4-D75D6A550C6E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_meetings_server:2.5_mr6:patch_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"2EC4CC18-3321-468F-8350-9304D4F7CCE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_meetings_server:2.5_mr6:patch_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4204B5A3-61FA-4534-95FC-6E18587BAE5F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_meetings_server:2.5_mr6:patch_3:*:*:*:*:*:*\",\"matchCriteriaId\":\"C337D2B9-31C7-4CDF-B6DE-E96AEE74284E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_meetings_server:2.5_mr6:patch_4:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BC30D42-1765-4D7A-A2EF-5EDE2F2C669D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_meetings_server:2.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8745FD6-B0B3-46A9-9254-7B13877D7080\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_meetings_server:2.6.1.39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"794B669D-5A30-49CA-9F35-8F7AA5A2DF62\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_meetings_server:2.6_mr1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9881CF16-F617-48DA-8CB8-08C3D943CCD6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_meetings_server:2.6_mr1:patch_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A7EAC01-0854-4647-881C-9C707DD00CFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_meetings_server:2.6_mr2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4FFFB01B-1B4F-4072-A68C-98C538DE34ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_meetings_server:2.6_mr2:patch_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"FBF1772B-AE24-4647-99A7-BFE69B6377BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_meetings_server:2.6_mr3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9309C030-2F02-4E7E-B3E3-035B93DD1E0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_meetings_server:2.6_mr3:patch_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E62E655-5A35-4CD8-A863-799419D584B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_meetings_server:2.6_mr3:patch_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA824C93-C355-4649-8FC9-1A8DDFC6C16E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_meetings_server:2.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABA0048F-B88D-47F6-89D6-B7EDDECBF700\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_meetings_server:2.7_base:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"30ECA8FE-D587-4692-AA90-9706E44BAC1D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_meetings_server:2.7_mr1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6DCD22A8-7E04-4782-AEB2-07878925A2AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_meetings_server:2.7_mr1:patch_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"462FEEFC-E1FB-4A2F-81D7-B28B14689E55\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_meetings_server:2.7_mr2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"396253A5-EC5F-429B-ABF3-20CB0A56E658\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_meetings_server:2.7_mr2:patch_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"17E96226-8039-4CBB-A8DC-B7BC349E3D40\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/96918\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1038040\",\"source\":\"psirt@cisco.com\"},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-webex\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/96918\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1038040\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170315-webex\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…