Cross site request forgery (csrf)

2023-07-0720:15:00

PRIOn knowledge base

www.prio-n.com

cisco webex meetings

vulnerability

csrf attack

unauthorized actions

web interface

5.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.2%

JSON

A vulnerability in the web interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system.

This vulnerability is due to insufficient CSRF protections for the web interface on an affected system. An attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link. A successful exploit could allow the attacker to perform arbitrary actions. These actions could include joining meetings and scheduling training sessions.

CPENameOperatorVersion
webex_meetingseq39.7.4
webex_meetingseq39.10
webex_meetingseq39.11
webex_meetingseq39.6
webex_meetingseq39.7
webex_meetingseq39.7.7
webex_meetingseq39.8
webex_meetingseq39.8.2
webex_meetingseq39.8.3
webex_meetingseq39.8.4

Name	Operator	Version
webex_meetings	eq	39.7.4
webex_meetings	eq	39.10
webex_meetings	eq	39.11
webex_meetings	eq	39.6
webex_meetings	eq	39.7
webex_meetings	eq	39.7.7
webex_meetings	eq	39.8
webex_meetings	eq	39.8.2
webex_meetings	eq	39.8.3
webex_meetings	eq	39.8.4