Vulnerability-Lookup

CVE-2016-1484 (GCVE-0-2016-1484)

Vulnerability from cvelistv5 – Published: 2016-08-23 01:00 – Updated: 2024-08-05 22:55

Summary

Cisco WebEx Meetings Server 2.6 allows remote attackers to bypass intended access restrictions and obtain sensitive application information via unspecified vectors, aka Bug ID CSCuy92724.

Severity

7.5 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE

Assigner

cisco

References

3 references

URL	Tags
http://tools.cisco.com/security/center/content/Ci…	vendor-advisoryx_refsource_CISCO
http://www.securityfocus.com/bid/92519	vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1036649	vdb-entryx_refsource_SECTRACK

Date Public

2016-08-17 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T22:55:14.556Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20160817 Cisco WebEx Meetings Server Information Disclosure Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-wms1"
          },
          {
            "name": "92519",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/92519"
          },
          {
            "name": "1036649",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1036649"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-08-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cisco WebEx Meetings Server 2.6 allows remote attackers to bypass intended access restrictions and obtain sensitive application information via unspecified vectors, aka Bug ID CSCuy92724."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-15T09:57:01.000Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20160817 Cisco WebEx Meetings Server Information Disclosure Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-wms1"
        },
        {
          "name": "92519",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/92519"
        },
        {
          "name": "1036649",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1036649"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2016-1484",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cisco WebEx Meetings Server 2.6 allows remote attackers to bypass intended access restrictions and obtain sensitive application information via unspecified vectors, aka Bug ID CSCuy92724."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20160817 Cisco WebEx Meetings Server Information Disclosure Vulnerability",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-wms1"
            },
            {
              "name": "92519",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/92519"
            },
            {
              "name": "1036649",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1036649"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2016-1484",
    "datePublished": "2016-08-23T01:00:00.000Z",
    "dateReserved": "2016-01-04T00:00:00.000Z",
    "dateUpdated": "2024-08-05T22:55:14.556Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2016-1484",
      "date": "2026-06-03",
      "epss": "0.00247",
      "percentile": "0.48097"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:webex_meetings_server:2.6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F8745FD6-B0B3-46A9-9254-7B13877D7080\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:webex_meetings_server:2.6.1.39:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"794B669D-5A30-49CA-9F35-8F7AA5A2DF62\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Cisco WebEx Meetings Server 2.6 allows remote attackers to bypass intended access restrictions and obtain sensitive application information via unspecified vectors, aka Bug ID CSCuy92724.\"}, {\"lang\": \"es\", \"value\": \"Cisco WebEx Meetings Server 2.6 permite a atacantes remotos eludir las restricciones destinadas al acceso y obtener informaci\\u00f3n de aplicaci\\u00f3n sensible a trav\\u00e9s de vectores no especificados, tambi\\u00e9n conocido como Bug ID CSCuy92724.\"}]",
      "id": "CVE-2016-1484",
      "lastModified": "2024-11-21T02:46:31.700",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:N/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2016-08-23T02:10:21.317",
      "references": "[{\"url\": \"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-wms1\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/92519\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://www.securitytracker.com/id/1036649\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-wms1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/92519\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id/1036649\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "ykramarz@cisco.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}, {\"lang\": \"en\", \"value\": \"CWE-200\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2016-1484\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2016-08-23T02:10:21.317\",\"lastModified\":\"2026-05-06T22:30:45.220\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cisco WebEx Meetings Server 2.6 allows remote attackers to bypass intended access restrictions and obtain sensitive application information via unspecified vectors, aka Bug ID CSCuy92724.\"},{\"lang\":\"es\",\"value\":\"Cisco WebEx Meetings Server 2.6 permite a atacantes remotos eludir las restricciones destinadas al acceso y obtener informaci\u00f3n de aplicaci\u00f3n sensible a trav\u00e9s de vectores no especificados, tambi\u00e9n conocido como Bug ID CSCuy92724.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"},{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_meetings_server:2.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8745FD6-B0B3-46A9-9254-7B13877D7080\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_meetings_server:2.6.1.39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"794B669D-5A30-49CA-9F35-8F7AA5A2DF62\"}]}]}],\"references\":[{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-wms1\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/92519\",\"source\":\"psirt@cisco.com\"},{\"url\":\"http://www.securitytracker.com/id/1036649\",\"source\":\"psirt@cisco.com\"},{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-wms1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/92519\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1036649\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

CERTFR-2016-AVI-284

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans les produits Cisco. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Cisco	N/A	Cisco Firepower Management Center version 5.3.0 sans le dernier correctif de sécurité
Cisco	Identity Services Engine	Cisco Identity Services Engine version 1.3(0.876) sans le dernier correctif de sécurité
Cisco	N/A	Cisco Firepower Management Center version 5.3.0.2 sans le dernier correctif de sécurité
Cisco	N/A	Cisco Firepower Management Center et Cisco ASA 5500-X Series avec les services FirePOWER versions antérieures à 5.3.0.3
Cisco	N/A	Cisco Firepower Management Center et Cisco ASA 5500-X Series avec les services FirePOWER versions antérieures à 6.0.0
Cisco	N/A	Cisco Firepower Management Center version 5.3.1 sans le dernier correctif de sécurité
Cisco	N/A	Cisco Firepower Management Center version 5.2.0 sans le dernier correctif de sécurité
Cisco	N/A	Cisco APIC-EM versions antérieures à 1.2
Cisco	N/A	Cisco Firepower Management Center et Cisco ASA 5500-X Series avec les services FirePOWER versions 5.4.x antérieures à 5.4.1
Cisco	N/A	Cisco Firepower Management Center version 5.4.0 sans le dernier correctif de sécurité
Cisco	N/A	Cisco Aironet 1800, 2800, et 3800 AP platforms versions antérieures à 8.2.110.0, 8.2.121.0 ou 8.3.102.0
Cisco	Unified Communications Manager	Cisco Unified Communications Manager version 11.5 sans le dernier correctif de sécurité
Cisco	IP Phone	Cisco IP Phone 8800 Series version 11.0(1) sans le dernier correctif de sécurité
Cisco	N/A	Cisco Firepower Management Center et Cisco ASA 5500-X Series avec les services FirePOWER versions 5.4.0.x antérieures à 5.4.0.1
Cisco	N/A	Cisco Firepower Management Center version 4.10.3 sans le dernier correctif de sécurité
Cisco	N/A	Cisco Firepower Management Center et Cisco ASA 5500-X Series avec les services FirePOWER versions antérieures à 5.3.1.2
Cisco	N/A	Cisco WebEx Meetings Server version 2.6 sans le dernier correctif de sécurité

References

Title

Publication Time

CERTFR-2016-AVI-284

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Cisco	N/A	Cisco Firepower Management Center version 5.3.0 sans le dernier correctif de sécurité
Cisco	Identity Services Engine	Cisco Identity Services Engine version 1.3(0.876) sans le dernier correctif de sécurité
Cisco	N/A	Cisco Firepower Management Center version 5.3.0.2 sans le dernier correctif de sécurité
Cisco	N/A	Cisco Firepower Management Center et Cisco ASA 5500-X Series avec les services FirePOWER versions antérieures à 5.3.0.3
Cisco	N/A	Cisco Firepower Management Center et Cisco ASA 5500-X Series avec les services FirePOWER versions antérieures à 6.0.0
Cisco	N/A	Cisco Firepower Management Center version 5.3.1 sans le dernier correctif de sécurité
Cisco	N/A	Cisco Firepower Management Center version 5.2.0 sans le dernier correctif de sécurité
Cisco	N/A	Cisco APIC-EM versions antérieures à 1.2
Cisco	N/A	Cisco Firepower Management Center et Cisco ASA 5500-X Series avec les services FirePOWER versions 5.4.x antérieures à 5.4.1
Cisco	N/A	Cisco Firepower Management Center version 5.4.0 sans le dernier correctif de sécurité
Cisco	N/A	Cisco Aironet 1800, 2800, et 3800 AP platforms versions antérieures à 8.2.110.0, 8.2.121.0 ou 8.3.102.0
Cisco	Unified Communications Manager	Cisco Unified Communications Manager version 11.5 sans le dernier correctif de sécurité
Cisco	IP Phone	Cisco IP Phone 8800 Series version 11.0(1) sans le dernier correctif de sécurité
Cisco	N/A	Cisco Firepower Management Center et Cisco ASA 5500-X Series avec les services FirePOWER versions 5.4.0.x antérieures à 5.4.0.1
Cisco	N/A	Cisco Firepower Management Center version 4.10.3 sans le dernier correctif de sécurité
Cisco	N/A	Cisco Firepower Management Center et Cisco ASA 5500-X Series avec les services FirePOWER versions antérieures à 5.3.1.2
Cisco	N/A	Cisco WebEx Meetings Server version 2.6 sans le dernier correctif de sécurité

References

Title

Publication Time

CNVD-2016-06425

Vulnerability from cnvd - Published: 2016-08-19

Title

Cisco WebEx Meetings Server信息泄露漏洞（CNVD-2016-06425）

Description

Cisco WebEx Meetings Server（CWMS）是美国思科（Cisco）公司的WebEx会议方案中的一套包含音频、视频和Web会议的多功能会议解决方案。 Cisco WebEx Meetings Server 2.6版本中存在信息泄露漏洞，该漏洞源于程序缺少正确的授权控制。远程攻击者可利用该漏洞获取应用程序有关的敏感信息。

Severity

中

Patch Name

Cisco WebEx Meetings Server信息泄露漏洞（CNVD-2016-06425）的补丁

Patch Description

Formal description

目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接： http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-wms1

Reference

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-wms1

Impacted products

Name
Cisco WebEx Meetings Server 2.6

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "92519"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-1484"
    }
  },
  "description": "Cisco WebEx Meetings Server\uff08CWMS\uff09\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684WebEx\u4f1a\u8bae\u65b9\u6848\u4e2d\u7684\u4e00\u5957\u5305\u542b\u97f3\u9891\u3001\u89c6\u9891\u548cWeb\u4f1a\u8bae\u7684\u591a\u529f\u80fd\u4f1a\u8bae\u89e3\u51b3\u65b9\u6848\u3002\r\n\r\nCisco WebEx Meetings Server 2.6\u7248\u672c\u4e2d\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u7f3a\u5c11\u6b63\u786e\u7684\u6388\u6743\u63a7\u5236\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u5e94\u7528\u7a0b\u5e8f\u6709\u5173\u7684\u654f\u611f\u4fe1\u606f\u3002",
  "discovererName": "Cisco",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-wms1",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-06425",
  "openTime": "2016-08-19",
  "patchDescription": "Cisco WebEx Meetings Server\uff08CWMS\uff09\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684WebEx\u4f1a\u8bae\u65b9\u6848\u4e2d\u7684\u4e00\u5957\u5305\u542b\u97f3\u9891\u3001\u89c6\u9891\u548cWeb\u4f1a\u8bae\u7684\u591a\u529f\u80fd\u4f1a\u8bae\u89e3\u51b3\u65b9\u6848\u3002\r\n\r\nCisco WebEx Meetings Server 2.6\u7248\u672c\u4e2d\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u7f3a\u5c11\u6b63\u786e\u7684\u6388\u6743\u63a7\u5236\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u5e94\u7528\u7a0b\u5e8f\u6709\u5173\u7684\u654f\u611f\u4fe1\u606f\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco WebEx Meetings Server\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff08CNVD-2016-06425\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "Cisco WebEx Meetings Server 2.6"
  },
  "referenceLink": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-wms1",
  "serverity": "\u4e2d",
  "submitTime": "2016-08-18",
  "title": "Cisco WebEx Meetings Server\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff08CNVD-2016-06425\uff09"
}

FKIE_CVE-2016-1484

Vulnerability from fkie_nvd - Published: 2016-08-23 02:10 - Updated: 2026-05-06 22:30

Severity

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Summary

Cisco WebEx Meetings Server 2.6 allows remote attackers to bypass intended access restrictions and obtain sensitive application information via unspecified vectors, aka Bug ID CSCuy92724.

References

URL	Tags
psirt@cisco.com	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-wms1	Vendor Advisory
psirt@cisco.com	http://www.securityfocus.com/bid/92519
psirt@cisco.com	http://www.securitytracker.com/id/1036649
af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-wms1	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/92519
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1036649

Impacted products

	Vendor	Product	Version
	cisco	webex_meetings_server	2.6.0
	cisco	webex_meetings_server	2.6.1.39

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8745FD6-B0B3-46A9-9254-7B13877D7080",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.6.1.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "794B669D-5A30-49CA-9F35-8F7AA5A2DF62",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cisco WebEx Meetings Server 2.6 allows remote attackers to bypass intended access restrictions and obtain sensitive application information via unspecified vectors, aka Bug ID CSCuy92724."
    },
    {
      "lang": "es",
      "value": "Cisco WebEx Meetings Server 2.6 permite a atacantes remotos eludir las restricciones destinadas al acceso y obtener informaci\u00f3n de aplicaci\u00f3n sensible a trav\u00e9s de vectores no especificados, tambi\u00e9n conocido como Bug ID CSCuy92724."
    }
  ],
  "id": "CVE-2016-1484",
  "lastModified": "2026-05-06T22:30:45.220",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-08-23T02:10:21.317",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-wms1"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/92519"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id/1036649"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-wms1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/92519"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1036649"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        },
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-QFJJ-G7H7-MC9H

Vulnerability from github – Published: 2022-05-17 02:13 – Updated: 2022-05-17 02:13

Details

Cisco WebEx Meetings Server 2.6 allows remote attackers to bypass intended access restrictions and obtain sensitive application information via unspecified vectors, aka Bug ID CSCuy92724.

Severity

7.5 (High)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2016-1484"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20",
      "CWE-200"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2016-08-23T02:10:00Z",
    "severity": "HIGH"
  },
  "details": "Cisco WebEx Meetings Server 2.6 allows remote attackers to bypass intended access restrictions and obtain sensitive application information via unspecified vectors, aka Bug ID CSCuy92724.",
  "id": "GHSA-qfjj-g7h7-mc9h",
  "modified": "2022-05-17T02:13:30Z",
  "published": "2022-05-17T02:13:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1484"
    },
    {
      "type": "WEB",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-wms1"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/92519"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1036649"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2016-1484

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Cisco WebEx Meetings Server 2.6 allows remote attackers to bypass intended access restrictions and obtain sensitive application information via unspecified vectors, aka Bug ID CSCuy92724.

Aliases

CVE-2016-1484

Aliases

CVE-2016-1484

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2016-1484",
    "description": "Cisco WebEx Meetings Server 2.6 allows remote attackers to bypass intended access restrictions and obtain sensitive application information via unspecified vectors, aka Bug ID CSCuy92724.",
    "id": "GSD-2016-1484"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2016-1484"
      ],
      "details": "Cisco WebEx Meetings Server 2.6 allows remote attackers to bypass intended access restrictions and obtain sensitive application information via unspecified vectors, aka Bug ID CSCuy92724.",
      "id": "GSD-2016-1484",
      "modified": "2023-12-13T01:21:24.891189Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2016-1484",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Cisco WebEx Meetings Server 2.6 allows remote attackers to bypass intended access restrictions and obtain sensitive application information via unspecified vectors, aka Bug ID CSCuy92724."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "20160817 Cisco WebEx Meetings Server Information Disclosure Vulnerability",
            "refsource": "CISCO",
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-wms1"
          },
          {
            "name": "92519",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/92519"
          },
          {
            "name": "1036649",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1036649"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6.1.39:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2016-1484"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Cisco WebEx Meetings Server 2.6 allows remote attackers to bypass intended access restrictions and obtain sensitive application information via unspecified vectors, aka Bug ID CSCuy92724."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-200"
                },
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20160817 Cisco WebEx Meetings Server Information Disclosure Vulnerability",
              "refsource": "CISCO",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-wms1"
            },
            {
              "name": "92519",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/92519"
            },
            {
              "name": "1036649",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id/1036649"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2017-08-16T01:29Z",
      "publishedDate": "2016-08-23T02:10Z"
    }
  }
}

VAR-201608-0246

Vulnerability from variot - Updated: 2023-12-18 13:14

Cisco WebEx Meetings Server 2.6 allows remote attackers to bypass intended access restrictions and obtain sensitive application information via unspecified vectors, aka Bug ID CSCuy92724. Cisco WebEx Meetings Server is prone to an information-disclosure vulnerability. An attacker can exploit this issue to obtain sensitive information that may aid in further attacks. This issue is being tracked by Cisco bug ID CSCuy92724. Cisco WebEx Meetings Server (CWMS) is a set of multi-functional conference solutions including audio, video and Web conference in Cisco's WebEx conference solution. An information disclosure vulnerability exists in CWMS version 2.6

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201608-0246",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "webex meetings server",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "2.6.0"
      },
      {
        "model": "webex meetings server",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "2.6.1.39"
      },
      {
        "model": "webex meetings server",
        "scope": "eq",
        "trust": 1.1,
        "vendor": "cisco",
        "version": "2.6"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "92519"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004441"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1484"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201608-014"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6.1.39:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-1484"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco",
    "sources": [
      {
        "db": "BID",
        "id": "92519"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2016-1484",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 5.0,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2016-1484",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-90303",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2016-1484",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2016-1484",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201608-014",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-90303",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-90303"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004441"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1484"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201608-014"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco WebEx Meetings Server 2.6 allows remote attackers to bypass intended access restrictions and obtain sensitive application information via unspecified vectors, aka Bug ID CSCuy92724. Cisco WebEx Meetings Server is prone to an information-disclosure vulnerability. \nAn attacker can exploit this issue to obtain sensitive information that may aid in further attacks. \nThis issue is being tracked by Cisco bug ID CSCuy92724. Cisco WebEx Meetings Server (CWMS) is a set of multi-functional conference solutions including audio, video and Web conference in Cisco\u0027s WebEx conference solution. An information disclosure vulnerability exists in CWMS version 2.6",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-1484"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004441"
      },
      {
        "db": "BID",
        "id": "92519"
      },
      {
        "db": "VULHUB",
        "id": "VHN-90303"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2016-1484",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "92519",
        "trust": 1.4
      },
      {
        "db": "SECTRACK",
        "id": "1036649",
        "trust": 1.1
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004441",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201608-014",
        "trust": 0.7
      },
      {
        "db": "VULHUB",
        "id": "VHN-90303",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-90303"
      },
      {
        "db": "BID",
        "id": "92519"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004441"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1484"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201608-014"
      }
    ]
  },
  "id": "VAR-201608-0246",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-90303"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T13:14:27.909000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "cisco-sa-20160817-wms1",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160817-wms1"
      },
      {
        "title": "Cisco WebEx Meetings Server Repair measures for information disclosure vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=63643"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004441"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201608-014"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.9
      },
      {
        "problemtype": "CWE-200",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-90303"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004441"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1484"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.0,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160817-wms1"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/bid/92519"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id/1036649"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1484"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1484"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-90303"
      },
      {
        "db": "BID",
        "id": "92519"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004441"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1484"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201608-014"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-90303"
      },
      {
        "db": "BID",
        "id": "92519"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004441"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1484"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201608-014"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-08-23T00:00:00",
        "db": "VULHUB",
        "id": "VHN-90303"
      },
      {
        "date": "2016-08-17T00:00:00",
        "db": "BID",
        "id": "92519"
      },
      {
        "date": "2016-08-24T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-004441"
      },
      {
        "date": "2016-08-23T02:10:21.317000",
        "db": "NVD",
        "id": "CVE-2016-1484"
      },
      {
        "date": "2016-08-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201608-014"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-08-16T00:00:00",
        "db": "VULHUB",
        "id": "VHN-90303"
      },
      {
        "date": "2016-08-17T00:00:00",
        "db": "BID",
        "id": "92519"
      },
      {
        "date": "2016-08-24T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-004441"
      },
      {
        "date": "2017-08-16T01:29:05.853000",
        "db": "NVD",
        "id": "CVE-2016-1484"
      },
      {
        "date": "2016-08-24T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201608-014"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201608-014"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco WebEx Meetings Server Vulnerable to access restrictions",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-004441"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "information disclosure",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201608-014"
      }
    ],
    "trust": 0.6
  }
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2016-1484 (GCVE-0-2016-1484)

CERTFR-2016-AVI-284

Solution

CERTFR-2016-AVI-284

Solution

CNVD-2016-06425

FKIE_CVE-2016-1484

GHSA-QFJJ-G7H7-MC9H

GSD-2016-1484

VAR-201608-0246

Tags

Sightings

Nomenclature