Vulnerabilities > Cisco > Webex Meetings Server > 2.6.1.39

DATE CVE VULNERABILITY TITLE RISK
2016-08-23 CVE-2016-1484 Improper Input Validation vulnerability in Cisco Webex Meetings Server 2.6.0/2.6.1.39
Cisco WebEx Meetings Server 2.6 allows remote attackers to bypass intended access restrictions and obtain sensitive application information via unspecified vectors, aka Bug ID CSCuy92724.
network
low complexity
cisco CWE-20
7.5
7.5
2016-07-15 CVE-2016-1450 Improper Input Validation vulnerability in Cisco Webex Meetings Server 2.6.0/2.6.1.39
Cisco WebEx Meetings Server 2.6 allows remote authenticated users to conduct command-injection attacks via vectors related to an upload's file type, aka Bug ID CSCuy92715.
network
high complexity
cisco CWE-20
7.5
7.5
2016-07-15 CVE-2016-1449 Cross-site Scripting vulnerability in Cisco Webex Meetings Server 2.6.0/2.6.1.39
Cross-site scripting (XSS) vulnerability in Cisco WebEx Meetings Server 2.6 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuy92711.
network
low complexity
cisco CWE-79
6.1
6.1
2016-07-15 CVE-2016-1447 Cross-site Scripting vulnerability in Cisco Webex Meetings Server 2.6.0/2.6.1.39
Cross-site scripting (XSS) vulnerability in the administrator interface in Cisco WebEx Meetings Server 2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCuy83194.
network
low complexity
cisco CWE-79
6.1
6.1
2016-07-15 CVE-2016-1446 SQL Injection vulnerability in Cisco Webex Meetings Server 2.6.0/2.6.1.39
SQL injection vulnerability in Cisco WebEx Meetings Server 2.6 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuy83200.
network
low complexity
cisco CWE-89
8.8
8.8