Vulnerability Description
A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to access sensitive data about the application. An attacker could exploit this vulnerability to obtain information to conduct additional reconnaissance attacks. The vulnerability is due to a design flaw in Cisco WebEx Meetings Server that could allow an attacker who is authenticated as root to gain shared secrets. An attacker could exploit the vulnerability by accessing the root account and viewing sensitive information. Successful exploitation could allow the attacker to discover sensitive information about the application. Cisco Bug IDs: CSCvg42664.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Webex Meetings Server | All versions |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/102722Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1040235Third Party AdvisoryVDB Entry
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2Vendor Advisory
- http://www.securityfocus.com/bid/102722Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1040235Third Party AdvisoryVDB Entry
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2Vendor Advisory
FAQ
What is CVE-2018-0109?
CVE-2018-0109 is a vulnerability with a CVSS score of 2.7 (LOW). A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to access sensitive data about the application. An attacker could exploit this vulnerability to obtain info...
How severe is CVE-2018-0109?
CVE-2018-0109 has been rated LOW with a CVSS base score of 2.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-0109?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Webex Meetings Server.