CVE-2017-12293

Published Oct 19, 2017

Last updated 25 days ago

Overview

Description
A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient limitations on the number of connections that can be made to the affected software. An attacker could exploit this vulnerability by opening multiple connections to the server and exhausting server resources. A successful exploit could cause the server to reload, resulting in a DoS condition. Cisco Bug IDs: CSCvf41006.
Source
psirt@cisco.com
NVD status
Deferred

Risk scores

CVSS 3.0

Type
Primary
Base score
8.6
Impact score
4
Exploitability score
3.9
Vector string
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Severity
HIGH

CVSS 2.0

Type
Primary
Base score
5
Impact score
2.9
Exploitability score
10
Vector string
AV:N/AC:L/Au:N/C:N/I:N/A:P

Weaknesses

psirt@cisco.com
CWE-119
nvd@nist.gov
CWE-119

Social media

Hype score
Not currently trending

Configurations