Multiple vulnerabilities in Cisco Webex products

🗓️ 05 Nov 2020 00:00:00Reported by NCSCType

ncsc

ncsc🔗 advisories.ncsc.nl👁 4 Views

Multiple Cisco Webex vulnerabilities allow XSS and remote code execution; updates are available.

Reporter	Title	Published	Views	Family All 56
BDU FSTEC	The vulnerability of the Cisco Webex Meetings Desktop App’s software lies in the incorrect path name limitation, which allows a malicious actor to execute arbitrary code.	17 Nov 202000:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the Cisco Webex Network Recording Player and Cisco Webex Player for Windows operating systems arises from the operation beyond buffer boundaries in memory, allowing an attacker to execute arbitrary code.	17 Nov 202000:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the Cisco Webex Network Recording Player and Cisco Webex Player for Windows operating systems arises from the operation beyond buffer boundaries in memory, allowing an attacker to execute arbitrary code.	17 Nov 202000:00	–	bdu_fstec
BDU FSTEC	The vulnerability in the web interface of the Cisco Webex Teams collaboration software allows a perpetrator to carry out cross-site scripting attacks.	18 Nov 202000:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the Cisco Webex Network Recording Player and Cisco Webex Player for Windows operating systems arises from the operation beyond buffer boundaries in memory, allowing an attacker to execute arbitrary code.	18 Nov 202000:00	–	bdu_fstec
Circl	CVE-2020-26067	18 Nov 202416:24	–	circl
Circl	CVE-2020-3573	6 Nov 202022:51	–	circl
Circl	CVE-2020-3588	6 Nov 202022:51	–	circl
Circl	CVE-2020-3603	6 Nov 202022:51	–	circl
Cisco	Cisco Webex Network Recording Player and Cisco Webex Player Arbitrary Code Execution Vulnerabilities	4 Nov 202016:00	–	cisco

05 Nov 2020 00:00Current

7High risk

Vulners AI Score7

CVSS 3.17.8

CVSS 29.3

EPSS0.02634

SSVC

cross site scripting remote code execution webex vulnerabilities cisco advisory fixed vulnerabilities updates available