CVE-2017-12297

medium Cisco
CVSS v3 Base Score
5.0
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
EPSS Score
0.2%
Exploitation probability in 30 days
Top 53% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Confidentiality
None
Integrity
Low
Availability
None
Published: November 30, 2017 (3087 days ago)
Last Modified: May 13, 2026
Vendor: Cisco
Source: NVD

Description

A vulnerability in Cisco WebEx Meeting Center could allow an authenticated, remote attacker to initiate connections to arbitrary hosts, aka a "URL Redirection Vulnerability." The vulnerability is due to insufficient access control for HTTP traffic directed to the Cisco WebEx Meeting Center. An attacker could exploit this vulnerability by sending a malicious URL to the Cisco WebEx Meeting Center. An exploit could allow the attacker to connect to arbitrary hosts. Cisco Bug IDs: CSCvf63843.

CWE

CWE-20

Affected Products

cisco webex meeting center

References

🔗 www.securityfocus.com 🔗 www.securitytracker.com 🔗 tools.cisco.com 🔗 www.securityfocus.com 🔗 www.securitytracker.com