CVE-2014-0691Insufficient Entropy in Cisco Webex Meetings Server

CWE-331Insufficient Entropy3 documents3 sources
Severity
7.3HIGHNVD
EPSS
0.2%
top 62.55%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Webex Meetings Server
Timeline
PublishedOct 24
Latest updateMay 17

Description

Cisco WebEx Meetings Server before 1.1 uses meeting IDs with insufficient entropy, which makes it easier for remote attackers to bypass authentication and join arbitrary meetings without a password, aka Bug ID CSCuc79643.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:LExploitability: 3.9 | Impact: 3.4

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-25h4-xpfg-774m: Cisco WebEx Meetings Server before 12022-05-17
CVEList
CVE-2014-0691: Cisco WebEx Meetings Server before 12017-10-24
CVE-2014-0691 — Insufficient Entropy in Cisco | cvebase