CVE-2017-3796 — OS Command Injection in Cisco Webex Meetings Server

CWE-78 — OS Command Injection4 documents4 sources
Severity
7.2HIGHNVD
EPSS
0.9%
top 23.81%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Webex Meetings Server
Timeline
PublishedJan 26
Latest updateMay 17

Description

A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to execute predetermined shell commands on other hosts. More Information: CSCuz03353. Known Affected Releases: 2.6.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 1.2 | Impact: 5.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-xm73-9p8r-6f5v: A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to execute predetermined shell commands on other hosts↗2022-05-17
â–¶
CVEList
CVE-2017-3796: A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to execute predetermined shell commands on other hosts↗2017-01-26
â–¶

📋Vendor Advisories

1
Cisco
Cisco WebEx Meetings Server Command Bypass Vulnerability↗2017-01-18
â–¶
CVE-2017-3796 — OS Command Injection in Cisco | cvebase