SB2016091924 - Consuming excessive CPU resources on the target system in Cisco WebEx Meetings Server



SB2016091924 - Consuming excessive CPU resources on the target system in Cisco WebEx Meetings Server

Published: September 19, 2016 Updated: September 23, 2016

Security Bulletin ID SB2016091924
CSH Severity
Medium
Patch available
YES
Number of vulnerabilities 1
Exploitation vector Remote access
Highest impact Denial of service

Breakdown by Severity

Medium 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 1 vulnerability.


1) Consuming excessive CPU resources on the target system (CVE-ID: CVE-2016-1483)

CWE-ID: CWE-400 - Resource exhaustion

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green


The vulnerability allows a remote attacker to consume excessive CPU resources on the target system.

The vulnerability exists due to improper user's account validation that allows attackers to cause resource exhaustion.

Successful exploitation of this vulnerability may result in denial of service.



Remediation

Install update from vendor's website.