CVE-2017-3811: XEE
First published: Fri Mar 17 2017(Updated: )
An XML External Entity vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to have read access to part of the information stored in the affected system. More Information: CSCvc39165. Known Affected Releases: 2.6. Known Fixed Releases: 2.7.1.2054.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Webex Meetings Server | =2.6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-3811?
CVE-2017-3811 is classified as a medium severity vulnerability.
How do I fix CVE-2017-3811?
To fix CVE-2017-3811, upgrade to Cisco WebEx Meetings Server version 2.7.1.2054 or later.
What systems are affected by CVE-2017-3811?
CVE-2017-3811 affects Cisco WebEx Meetings Server version 2.6.
What type of attack does CVE-2017-3811 involve?
CVE-2017-3811 involves an XML External Entity (XXE) attack that can give read access to sensitive information.
Is authentication required to exploit CVE-2017-3811?
Yes, CVE-2017-3811 requires the attacker to be authenticated to exploit the vulnerability.
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/description
- agent/softwarecombine
- agent/tags
- agent/event
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/cisco
- canonical/cisco webex meetings server
- version/cisco webex meetings server/2.6