Vulnerabilities > Cisco > Webex Meetings Server
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-09-19 | CVE-2016-1483 | Improper Input Validation vulnerability in Cisco Webex Meetings Server 2.6.0 Cisco WebEx Meetings Server 2.6 allows remote attackers to cause a denial of service (CPU consumption) by repeatedly accessing the account-validation component of an unspecified service, aka Bug ID CSCuy92704. | 7.5 |
| 2016-09-17 | CVE-2016-1482 | OS Command Injection vulnerability in Cisco Webex Meetings Server 2.6.0 Cisco WebEx Meetings Server 2.6 allows remote attackers to execute arbitrary commands by injecting these commands into an application script, aka Bug ID CSCuy83130. | 8.1 |
| 2016-08-23 | CVE-2016-1484 | Improper Input Validation vulnerability in Cisco Webex Meetings Server 2.6.0/2.6.1.39 Cisco WebEx Meetings Server 2.6 allows remote attackers to bypass intended access restrictions and obtain sensitive application information via unspecified vectors, aka Bug ID CSCuy92724. | 7.5 |
| 2016-07-17 | CVE-2016-1448 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Webex Meetings Server 2.7.1/2.7Base Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Meetings Server 2.7 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuy92706. | 8.8 |
| 2016-07-15 | CVE-2016-1450 | Improper Input Validation vulnerability in Cisco Webex Meetings Server 2.6.0/2.6.1.39 Cisco WebEx Meetings Server 2.6 allows remote authenticated users to conduct command-injection attacks via vectors related to an upload's file type, aka Bug ID CSCuy92715. | 7.5 |
| 2016-07-15 | CVE-2016-1449 | Cross-site Scripting vulnerability in Cisco Webex Meetings Server 2.6.0/2.6.1.39 Cross-site scripting (XSS) vulnerability in Cisco WebEx Meetings Server 2.6 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuy92711. | 6.1 |
| 2016-07-15 | CVE-2016-1447 | Cross-site Scripting vulnerability in Cisco Webex Meetings Server 2.6.0/2.6.1.39 Cross-site scripting (XSS) vulnerability in the administrator interface in Cisco WebEx Meetings Server 2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCuy83194. | 6.1 |
| 2016-07-15 | CVE-2016-1446 | SQL Injection vulnerability in Cisco Webex Meetings Server 2.6.0/2.6.1.39 SQL injection vulnerability in Cisco WebEx Meetings Server 2.6 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuy83200. | 8.8 |
| 2016-04-28 | CVE-2016-1389 | Unspecified vulnerability in Cisco Webex Meetings Server 2.6.0 Open redirect vulnerability in Cisco WebEx Meetings Server (CWMS) 2.6 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, aka Bug ID CSCuy44695. | 7.4 |
| 2016-02-07 | CVE-2016-1309 | Cross-site Scripting vulnerability in Cisco Webex Meetings Server 2.5.1.5 Multiple cross-site scripting (XSS) vulnerabilities in Cisco WebEx Meetings Server 2.5.1.5 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuy01843. | 6.1 |