CVE-2017-6753

CWE-119Buffer Overflow4 documents4 sources
Severity
8.8HIGH
EPSS
14.0%
top 5.67%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
20
Cisco Webex Event CenterCisco Webex Meeting CenterCisco Webex Meetings+17 more
Timeline
PublishedJul 25
Latest updateMay 13

Description

A vulnerability in Cisco WebEx browser extensions for Google Chrome and Mozilla Firefox could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the affected browser on an affected system. This vulnerability affects the browser extensions for Cisco WebEx Meetings Server, Cisco WebEx Centers (Meeting Center, Event Center, Training Center, and Support Center), and Cisco WebEx Meetings when they are running on Microsoft Windows. The vulnerability is due to a

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages7 packages

CVEListV5cisco_webex_browser_extensionCisco WebEx Browser Extension
NVDcisco/webex_event_centert30_base, t31_base, t32_base+2
NVDcisco/webex_meeting_centert30_base, t31_base, t32_base+2
NVDcisco/webex_support_centert30_base, t31_base, t32_base+2
NVDcisco/webex_training_centert30_base, t31_base, t32_base+2

🔴Vulnerability Details

2
GHSA
GHSA-j6hm-qxwv-3jwr: A vulnerability in Cisco WebEx browser extensions for Google Chrome and Mozilla Firefox could allow an unauthenticated, remote attacker to execute arb2022-05-13
CVEList
CVE-2017-6753: A vulnerability in Cisco WebEx browser extensions for Google Chrome and Mozilla Firefox could allow an unauthenticated, remote attacker to execute arb2017-07-25

📋Vendor Advisories

1
Cisco
Cisco WebEx Browser Extension Remote Code Execution Vulnerability2017-07-17
CVE-2017-6753 (HIGH CVSS 8.8) | A vulnerability in Cisco WebEx brow | cvebase.io