How severe is CVE-2021-1311?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.4 out of 10.

What type of vulnerability is CVE-2021-1311?

This is classified as CWE-307, which is a common weakness in software security.

CVE-2021-1311 - MEDIUM Severity | CVSS 5.4

Vulnerability Description

A vulnerability in the reclaim host role feature of Cisco Webex Meetings and Cisco Webex Meetings Server could allow an authenticated, remote attacker to take over the host role during a meeting. This vulnerability is due to a lack of protection against brute forcing of the host key. An attacker could exploit this vulnerability by sending crafted requests to a vulnerable Cisco Webex Meetings or Webex Meetings Server site. A successful exploit would require the attacker to have access to join a Webex meeting, including applicable meeting join links and passwords. A successful exploit could allow the attacker to acquire or take over the host role for a meeting.

Related Vulnerabilities

CVE-2018-14657

MEDIUM

CVSS:5.4(Medium)

A flaw was found in Keycloak 4.2.1.Final, 4.3.0.Final. When TOPT enabled, an improper implementation of the Brute Force detection algorithm will not enforce its protection measures.

CWE-3072018

CVE-2023-34732

MEDIUM

CVSS:5.4(Medium)

An issue in the userId parameter in the change password function of Flytxt NEON-dX v0.0.1-SNAPSHOT-6.9-qa-2-9-g5502a0c allows attackers to execute brute force attacks to discover user passwords.

CWE-3072023

CVE-2017-16900

MEDIUM

CVSS:5.5(Medium)

Incorrect Access Control in Hunesion i-oneNet 3.0.6042.1200 allows the local user to access other user's information which is unauthorized via brute force.

CWE-3072017

CVE-2019-5263

MEDIUM

CVSS:5.5(Medium)

HiSuite with 9.1.0.305 and earlier versions and 9.1.0.305(MAC) and earlier versions and HwBackup with earlier versions before 9.1.1.308 have a brute forcing encrypted backup data vulnerability. Huawei...

CWE-3072019

CVE-2020-15770

MEDIUM

CVSS:5.5(Medium)

An issue was discovered in Gradle Enterprise 2018.5. An attacker can potentially make repeated attempts to guess a local user's password, due to lack of lock-out after excessive failed logins.

CWE-3072020

CVE-2021-29648

MEDIUM

CVSS:5.5(Medium)

An issue was discovered in the Linux kernel before 5.11.11. The BPF subsystem does not properly consider that resolved_ids and resolved_sizes are intentionally uninitialized in the vmlinux BPF Type Fo...

CWE-3072021