CVE-2016-1446SQL Injection in Cisco Webex Meetings Server

CWE-89SQL Injection4 documents4 sources
Severity
8.8HIGHNVD
EPSS
0.7%
top 28.67%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Webex Meetings Server
Timeline
PublishedJul 15
Latest updateMay 17

Description

SQL injection vulnerability in Cisco WebEx Meetings Server 2.6 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuy83200.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages1 packages

NVDcisco/webex_meetings_server2.6.0, 2.6.1.39+1

🔴Vulnerability Details

2
GHSA
GHSA-v4vf-84mq-c27x: SQL injection vulnerability in Cisco WebEx Meetings Server 22022-05-17
CVEList
CVE-2016-1446: SQL injection vulnerability in Cisco WebEx Meetings Server 22016-07-15

📋Vendor Advisories

1
Cisco
Cisco WebEx Meetings Server Administrator Interface SQL Injection Vulnerability2016-07-15
CVE-2016-1446 — SQL Injection in Cisco | cvebase