| Vulnerability Name: | CVE-2016-1447 (CCN-115058) | ||||||||||||
| Assigned: | 2016-07-14 | ||||||||||||
| Published: | 2016-07-14 | ||||||||||||
| Updated: | 2017-09-01 | ||||||||||||
| Summary: | Cross-site scripting (XSS) vulnerability in the administrator interface in Cisco WebEx Meetings Server 2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCuy83194. | ||||||||||||
| CVSS v3 Severity: | 6.1 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) 5.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:H/RL:O/RC:C)
5.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:H/RL:O/RC:C)
| ||||||||||||
| CVSS v2 Severity: | 4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
| ||||||||||||
| Vulnerability Type: | CWE-79 | ||||||||||||
| Vulnerability Consequences: | Cross-Site Scripting | ||||||||||||
| References: | Source: MITRE Type: CNA CVE-2016-1447 Source: CISCO Type: Vendor Advisory 20160714 Cisco WebEx Meetings Server Administrator Interface Reflected Cross-Site Scripting Vulnerability Source: BID Type: UNKNOWN 91781 Source: CCN Type: BID-91781 Cisco WebEx Meetings Server CVE-2016-1447 Cross Site Scripting Vulnerability Source: SECTRACK Type: UNKNOWN 1036314 Source: XF Type: UNKNOWN cisco-webex-meetingserver-cve20161447-xss(115058) Source: CCN Type: Cisco Security Advisory cisco-sa-20160714-wms1 Cisco WebEx Meetings Server Administrator Interface Reflected Cross-Site Scripting Vulnerability | ||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||
| BACK | |||||||||||||