Executive Summary

Title Cisco WebEx Meetings Server Denial of Service Vulnerability
Name cisco-sa-20160914-wms First vendor Publication 2016-09-14
Vendor Cisco Last vendor Modification 2016-09-14
Severity (Vendor) N/A Revision 1.0

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score 7.8 Attack Range Network
Cvss Impact Score 6.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores


A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on a targeted system.

The vulnerability is due to improper validation of user accounts by specific services. An unauthenticated, remote attacker could exploit this vulnerability by repeatedly attempting to access a specific service, causing the system to perform computationally intensive tasks and resulting in a DoS condition.

Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.

This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160914-wms


iQIVAwUBV9lgCa89gD3EAJB5AQJEQRAA2PIWDz6cY0TMtxgNJWG6+/3+XknjChHk Ulf4QOVbbz/MLcCea529yCvVhdx56H8LxPJrzR7KnsuOoXqLarzIitZWJ8bNupL0 2FRs6Y8LVEqku7mJOtttVkpezrRJ8TUc6Q9qkDd2/vuKXMuBiLWdOed9muy6ftsO EC4OuaLrG3KxFesk3Emkc1m5wkF3IuR4SSsYUjeCQLz04B2dBvHmDw57P6/0SAPr QpP8hnV37CYB5/1X+HLI6z+5NTlU0cVXOysAuByMCp0jCW0f3mrzDrnyf2uMbwFS i6D/INwAuBR4J9hSWnC7O5mPgbu/7bjQs/nBAPiIWChqFt+uYbXVnrDHbmkoq1CS UnNid4wdYhn+NZT9GXSrHikQyTNTCL5d+tqz8EoPpdxao77aK92sRljrdQigRKch fsNiuJIo/dEalILM4rA8yk1bhFzazUWaqiQZLpY794ToTKYV3zlPS5a4C/ANw86q JPEBikz+VIoGYsG8567pQolQm0Fc4dzy3OIcPUlHsT6rZyh8ziRfkyhenPT0fKcb tSY9Cp88qGkX0fdwjS12ZmY2rpbKCmYkJG6WbubJTuKMxwkaYvA4QmIuY/05cZv7 J12GijFpEbReA0JyvsCHEvPiatRIxYFy1hIIv/AXR0ZHs4he0JSj/3AjAWUe/aDF V6Y+4lA0DJs= =hYij END PGP SIGNATURE _______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com

Original Source

Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...)

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-20 Improper Input Validation

CPE : Common Platform Enumeration

Application 1

Snort® IPS/IDS

Date Description
2016-09-17 Cisco WebEx meetings server denial of service attempt
RuleID : 40239 - Revision : 1 - Type : SERVER-OTHER

Alert History

If you want to see full details history, please login or register.
Date Informations
2016-09-19 21:21:08
  • Multiple Updates
2016-09-19 09:22:53
  • Multiple Updates
2016-09-15 00:22:15
  • First insertion