CVE-2017-12295

CVE-2017-12295

Vendor N/A
Product Cisco WebEx Meetings Server
Weakness CWE-200 · Info exposure
Published November 2, 2017
Last update August 5, 2024

CVSS base score

What the vulnerability does

01Description

A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to access sensitive data about the application. An attacker could exploit this vulnerability to gain information to conduct additional reconnaissance attacks. The vulnerability is due to the HTTP header reply from the Cisco WebEx Meetings Server to the client, which could include internal network information that should be restricted. An attacker could exploit the vulnerability by attempting to use the HTTP protocol and looking at the data in the HTTP responses from the Cisco WebEx Meetings Server. An exploit could allow the attacker to discover sensitive data about the application. Cisco Bug IDs: CSCve65818.

Key dates

02Disclosure timeline

November 2, 2017 CVE published
August 5, 2024 Record updated