PatchSiren

PatchSiren cyber security CVE debrief

CVE-2017-3795 Cisco CVE debrief

CVE-2017-3795 affects Cisco WebEx Meetings Server 2.6. Cisco describes it as allowing an authenticated, remote attacker to perform arbitrary password changes against any non-administrative user. NVD assigns CVSS 3.0 5.4 (MEDIUM) and maps the issue to CWE-287. Cisco lists 2.7.1.12 as the known fixed release.

Vendor: Cisco
Product: CVE-2017-3795
CVSS: MEDIUM 5.4
CISA KEV: Not listed in stored evidence
Original CVE published: 2017-01-26
Original CVE updated: 2026-05-13
Advisory published: 2017-01-26
Advisory updated: 2026-05-13

Who should care

Administrators and security teams responsible for Cisco WebEx Meetings Server deployments, especially any environment running version 2.6, should treat this as a credential-integrity issue affecting non-administrative user accounts.

Technical summary

The vulnerability is reachable remotely by an authenticated attacker and affects Cisco WebEx Meetings Server 2.6. According to the NVD record, the attack requires low privileges and no user interaction. The supplied CVSS vector scores low confidentiality impact, low integrity impact (the password changes) and no availability impact. Cisco and NVD document the issue, with 2.7.1.12 as the fixed release.

Defensive priority

Medium priority. The CVSS score is moderate, but the impact to account integrity makes remediation important for any exposed or actively used Cisco WebEx Meetings Server 2.6 instance.

Recommended defensive actions

  • Upgrade Cisco WebEx Meetings Server to the fixed release 2.7.1.12.
  • Confirm whether any Cisco WebEx Meetings Server 2.6 instances are still deployed and plan remediation accordingly.
  • Review account and password-change activity for non-administrative users to look for unauthorized changes.
  • Limit authenticated access to the platform to trusted administrative users and networks where possible while remediation is underway.

Evidence notes

The supplied NVD record identifies Cisco WebEx Meetings Server 2.6 as vulnerable via CPE criteria and lists Cisco Security Advisory cisco-sa-20170118-wms1 as the vendor advisory reference. The NVD CVSS vector is CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N, and the mapped weakness is CWE-287. The provided data also names 2.7.1.12 as the known fixed release. No KEV entry is present in the supplied corpus.

Official resources

CVE-2017-3795 was published on 2017-01-26. The supplied NVD record references a Cisco vendor advisory for product-specific mitigation guidance.