Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ciscoCiscoCISCO-SA-20180502-WEBEX-ID
HistoryMay 02, 2018 - 4:00 p.m.

Cisco WebEx Recording Format Player Information Disclosure Vulnerability

2018-05-0216:00:00
tools.cisco.com
5

0.011 Low

EPSS

Percentile

84.4%

JSON

A vulnerability in Cisco WebEx Recording Format (WRF) Player could allow an unauthenticated, remote attacker to access sensitive data about the application. An attacker could exploit this vulnerability to gain information to conduct additional reconnaissance attacks.

The vulnerability is due to a design flaw in Cisco WRF Player. An attacker could exploit this vulnerability by utilizing a maliciously crafted file that could bypass checks in the code and enable an attacker to read memory from outside the bounds of the mapped file.

There are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-webex-id [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180502-webex-id”]

Related

zdi 2
cve 1
prion 1
zdi
zdi
Cisco WebEx Recorder and Player WRF File Length Field Out-Of-Bounds Read Information Disclosure Vulnerability
2018-05-14 00:00:00
Cisco WebEx Recorder and Player WRF File Length Field Out-Of-Bounds Read Information Disclosure Vulnerability
2018-05-14 00:00:00
cve
cve
CVE-2018-0288
2018-05-02 22:29:00
prion
prion
Out-of-bounds
2018-05-02 22:29:00

0.011 Low

EPSS

Percentile

84.4%

JSON
Related for CISCO-SA-20180502-WEBEX-ID
zdi2cve1prion1