Executive Summary
Summary | |
---|---|
Title | Cisco WebEx Meetings Server Denial of Service Vulnerability |
Informations | |||
---|---|---|---|
Name | cisco-sa-20160914-wms | First vendor Publication | 2016-09-14 |
Vendor | Cisco | Last vendor Modification | 2016-09-14 |
Severity (Vendor) | N/A | Revision | 1.0 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.8 | Attack Range | Network |
Cvss Impact Score | 6.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted system. The vulnerability is due to improper validation of user accounts by specific services. An unauthenticated, remote attacker could exploit this vulnerability by repeatedly attempting to access a specific service, causing the system to perform computationally intensive tasks and resulting in a DoS condition. Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160914-wms BEGIN PGP SIGNATURE iQIVAwUBV9lgCa89gD3EAJB5AQJEQRAA2PIWDz6cY0TMtxgNJWG6+/3+XknjChHk Ulf4QOVbbz/MLcCea529yCvVhdx56H8LxPJrzR7KnsuOoXqLarzIitZWJ8bNupL0 2FRs6Y8LVEqku7mJOtttVkpezrRJ8TUc6Q9qkDd2/vuKXMuBiLWdOed9muy6ftsO EC4OuaLrG3KxFesk3Emkc1m5wkF3IuR4SSsYUjeCQLz04B2dBvHmDw57P6/0SAPr QpP8hnV37CYB5/1X+HLI6z+5NTlU0cVXOysAuByMCp0jCW0f3mrzDrnyf2uMbwFS i6D/INwAuBR4J9hSWnC7O5mPgbu/7bjQs/nBAPiIWChqFt+uYbXVnrDHbmkoq1CS UnNid4wdYhn+NZT9GXSrHikQyTNTCL5d+tqz8EoPpdxao77aK92sRljrdQigRKch fsNiuJIo/dEalILM4rA8yk1bhFzazUWaqiQZLpY794ToTKYV3zlPS5a4C/ANw86q JPEBikz+VIoGYsG8567pQolQm0Fc4dzy3OIcPUlHsT6rZyh8ziRfkyhenPT0fKcb tSY9Cp88qGkX0fdwjS12ZmY2rpbKCmYkJG6WbubJTuKMxwkaYvA4QmIuY/05cZv7 J12GijFpEbReA0JyvsCHEvPiatRIxYFy1hIIv/AXR0ZHs4he0JSj/3AjAWUe/aDF V6Y+4lA0DJs= =hYij END PGP SIGNATURE _______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com |
Original Source
Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...) |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-20 | Improper Input Validation |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 |
Snort® IPS/IDS
Date | Description |
---|---|
2016-09-17 | Cisco WebEx meetings server denial of service attempt RuleID : 40239 - Revision : 1 - Type : SERVER-OTHER |
Alert History
Date | Informations |
---|---|
2016-09-19 21:21:08 |
|
2016-09-19 09:22:53 |
|
2016-09-15 00:22:15 |
|