How severe is CVE-2018-0110?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.1 out of 10.

What type of vulnerability is CVE-2018-0110?

This is classified as CWE-254, which is a common weakness in software security.

CVE-2018-0110 - HIGH Severity | CVSS 8.1

Vulnerability Description

A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to access the remote support account even after it has been disabled via the web application. The vulnerability is due to a design flaw in Cisco WebEx Meetings Server, which would not disable access to specifically configured user accounts, even after access had been disabled in the web application. An attacker could exploit this vulnerability by connecting to the remote support account, even after it had been disabled at the web application level. An exploit could allow the attacker to modify server configuration and gain access to customer data. Cisco Bug IDs: CSCvg46741.

Related Vulnerabilities

CVE-2012-5010

HIGH

CVSS:8.1(High)

ASA 5515-X Adaptive Security Appliance Adaptive Security Appliance (ASA) Software 9.4.x before 9.4.1 Interim, 9.2.x before 9.2.4 Interim, ASA 5510 Adaptive Security Appliance Adaptive Security Applian...

CWE-2542012

CVE-2015-5246

HIGH

CVSS:8.1(High)

The LDAP Authentication functionality in Foreman might allow remote attackers with knowledge of old passwords to gain access via vectors involving the password lifetime period in Active Directory.

CWE-2542015

CVE-2015-7914

HIGH

CVSS:8.1(High)

Sauter EY-WS505F0x0 moduWeb Vision before 1.6.0 allows remote attackers to bypass authentication by leveraging knowledge of a password hash without knowledge of the associated password.

CWE-2542015

CVE-2016-0019

HIGH

CVSS:8.1(High)

The Remote Desktop Protocol (RDP) service implementation in Microsoft Windows 10 Gold and 1511 allows remote attackers to bypass intended access restrictions and establish sessions for blank-password ...

CWE-2542016

CVE-2016-1443

HIGH

CVSS:8.1(High)

The virtual network stack on Cisco AMP Threat Grid Appliance devices before 2.1.1 allows remote attackers to bypass a sandbox protection mechanism, and consequently obtain sensitive interprocess infor...

CWE-2542016

CVE-2016-1567

HIGH

CVSS:8.1(High)

chrony before 1.31.2 and 2.x before 2.2.1 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbi...

CWE-2542016