Vulnerabilities > Cisco > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-11-30 | CVE-2017-12370 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Webex Meetings T30/T31 A "Cisco WebEx Network Recording Player Remote Code Execution Vulnerability" exists in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) and WebEx Recording Format (WRF) files. | 6.8 |
| 2017-11-30 | CVE-2017-12369 | Out-of-bounds Read vulnerability in Cisco Webex Meetings A "Cisco WebEx Network Recording Player Out-of-Bounds Vulnerability" exists in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) and WebEx Recording Format (WRF) files. | 6.8 |
| 2017-11-30 | CVE-2017-12368 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Webex Meetings and Webex Meetings Server A "Cisco WebEx Network Recording Player Remote Code Execution Vulnerability" exists in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) and WebEx Recording Format (WRF) files. | 6.8 |
| 2017-11-30 | CVE-2017-12367 | Improper Input Validation vulnerability in Cisco Webex Meetings Server T29/T30/T31.11.2 A "Cisco WebEx Network Recording Player Denial of Service Vulnerability" exists in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) and WebEx Recording Format (WRF) files. | 6.8 |
| 2017-11-30 | CVE-2017-12366 | Cross-site Scripting vulnerability in Cisco Webex Meeting Center T32.6 A vulnerability in Cisco WebEx Meeting Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of an affected system. | 4.3 |
| 2017-11-30 | CVE-2017-12365 | Information Exposure vulnerability in Cisco Webex Meeting Center T32.6 A vulnerability in Cisco WebEx Event Center could allow an authenticated, remote attacker to view unlisted meeting information. | 4.0 |
| 2017-11-30 | CVE-2017-12364 | SQL Injection vulnerability in Cisco Prime Service Catalog 11.1.1/12.0/12.1 A SQL Injection vulnerability in the web framework of Cisco Prime Service Catalog could allow an unauthenticated, remote attacker to execute unauthorized Structured Query Language (SQL) queries. | 6.4 |
| 2017-11-30 | CVE-2017-12363 | Exposure of Resource to Wrong Sphere vulnerability in Cisco Webex Meetings Server 2.6.0.8/2.7 A vulnerability in Cisco WebEx Meeting Server could allow an unauthenticated, remote attacker to modify the welcome message of a meeting on an affected system. | 5.0 |
| 2017-11-30 | CVE-2017-12360 | Unspecified vulnerability in Cisco Webex Meeting Center A vulnerability in Cisco WebEx Network Recording Player for WebEx Recording Format (WRF) files could allow an attacker to cause a denial of service (DoS) condition. network cisco | 4.3 |
| 2017-11-30 | CVE-2017-12359 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Webex Meeting Center and Webex Meetings Server A Buffer Overflow vulnerability in Cisco WebEx Network Recording Player for Advanced Recording Format (.arf) files could allow an attacker to execute arbitrary code on a system. | 4.3 |