Test ID:	1.3.6.1.4.1.25623.1.0.811240
Category:	CISCO
Title:	Cisco Webex Meetings Server Browser Extension Remote Code Execution Vulnerability
Summary:	Cisco Webex Meetings Server is prone to a remote code execution (RCE) vulnerability.
Description:	Summary: Cisco Webex Meetings Server is prone to a remote code execution (RCE) vulnerability. Vulnerability Insight: The flaw exists due to a design defect in the browser extension. Vulnerability Impact: Successful exploitation will allow remote attackers to execute arbitrary code with the privileges of the affected browser. Affected Software/OS: Cisco Webex Meetings Server versions 1.1 Base, 1.5 Base, 1.5.1.6, 1.5.1.131, 2.0 Base, 2.0.1.107, 2.0 MR2 through 2.0 MR9, 2.0 MR9 Patch 1 through 2.0 MR9 Patch 3, 2.5 Base, 2.5.99.2, 2.5 MR1, 2.5.1.5, 2.5.1.29, 2.5 MR2, 2.5 MR2 Patch 1, 2.5 MR3 through 2.5 MR5, 2.5 MR5 Patch 1, 2.5 MR6, 2.5 MR6 Patch 1 through 2.5 MR6 Patch 4, 2.6.0, 2.6.1.39, 2.6 MR1, 2.6 MR1 Patch 1, 2.6 MR2, 2.6 MR2 Patch 1, 2.6 MR3, 2.6 MR3 Patch 1, 2.6 MR3 Patch 2, 2.7 Base, 2.7.1, 2.7 MR1, 2.7 MR1 Patch 1, 2.7 MR2, 2.7 MR2 Patch 1, 2.8 Base and 2.8 prior to 2.8 Patch 3. Solution: Update to Cisco Webex Meetings Server version 2.6MR3 Patch 5, 2.7MR2 Patch 9 or 2.8 Patch 3 or later. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2017-6753 BugTraq ID: 99614 http://www.securityfocus.com/bid/99614 http://www.securitytracker.com/id/1038909 http://www.securitytracker.com/id/1038910 http://www.securitytracker.com/id/1038911
Copyright	Copyright (C) 2017 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.