2973 matches found
CVE-2020-3412
A vulnerability in the scheduled meeting template feature of Cisco Webex Meetings could allow an authenticated, remote attacker to create a scheduled meeting template that would belong to another user in their organization. The vulnerability is due to insufficient authorization enforcement for th...
Cross site scripting
A vulnerability in the web-based management interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of the affected service. The vulnerability is due to insufficient...
Input validation
Multiple vulnerabilities in the user interface of Cisco Webex Meetings Desktop App could allow an authenticated, remote attacker to obtain restricted information from other Webex users. These vulnerabilities are due to improper input validation of parameters returned to the application from a web...
Improper access control
A vulnerability in the contacts feature of Cisco Webex Meetings could allow an authenticated, remote attacker with a legitimate user account to access sensitive information. The vulnerability is due to improper access restrictions on users who are added within user contacts. An attacker on one...
Input validation
Multiple vulnerabilities in the user interface of Cisco Webex Meetings Desktop App could allow an authenticated, remote attacker to obtain restricted information from other Webex users. These vulnerabilities are due to improper input validation of parameters returned to the application from a web...
Authorization
A vulnerability in the scheduled meeting template feature of Cisco Webex Meetings could allow an authenticated, remote attacker to delete a scheduled meeting template that belongs to another user in their organization. The vulnerability is due to insufficient authorization enforcement for request...
Authorization
A vulnerability in the scheduled meeting template feature of Cisco Webex Meetings could allow an authenticated, remote attacker to create a scheduled meeting template that would belong to another user in their organization. The vulnerability is due to insufficient authorization enforcement for th...
CVE-2020-3412
The CVE-2020-3412 issue affects Cisco Webex Meetings: an authenticated, remote attacker could create a scheduled meeting template that belongs to another user due to insufficient authorization enforcement in the scheduled meeting template feature. Exploitation involves sending a crafted request t...
CVE-2020-3412 Cisco Webex Meetings Scheduled Meeting Template Creation Vulnerability
A vulnerability in the scheduled meeting template feature of Cisco Webex Meetings could allow an authenticated, remote attacker to create a scheduled meeting template that would belong to another user in their organization. The vulnerability is due to insufficient authorization enforcement for th...
CVE-2020-3412 Cisco Webex Meetings Scheduled Meeting Template Creation Vulnerability
A vulnerability in the scheduled meeting template feature of Cisco Webex Meetings could allow an authenticated, remote attacker to create a scheduled meeting template that would belong to another user in their organization. The vulnerability is due to insufficient authorization enforcement for th...
CVE-2020-3413 Cisco Webex Meetings Scheduled Meeting Template Deletion Vulnerability
A vulnerability in the scheduled meeting template feature of Cisco Webex Meetings could allow an authenticated, remote attacker to delete a scheduled meeting template that belongs to another user in their organization. The vulnerability is due to insufficient authorization enforcement for request...
CVE-2020-3413 Cisco Webex Meetings Scheduled Meeting Template Deletion Vulnerability
A vulnerability in the scheduled meeting template feature of Cisco Webex Meetings could allow an authenticated, remote attacker to delete a scheduled meeting template that belongs to another user in their organization. The vulnerability is due to insufficient authorization enforcement for request...
CVE-2020-3413
The CVE-2020-3413 issue affects Cisco Webex Meetings, specifically the scheduled meeting template deletion feature. The root cause is insufficient authorization enforcement for requests to delete scheduled meeting templates, allowing an authenticated, remote attacker to delete a template belongin...
CVE-2020-3463 Cisco Webex Meetings Reflected Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of the affected service. The vulnerability is due to insufficient...
CVE-2020-3463
Summary of CVE-2020-3463 (Cisco Webex Meetings) : A vulnerability in the web-based management interface allows an unauthenticated, remote attacker to perform a cross-site scripting (XSS) attack due to insufficient validation of user-supplied input. An attacker can lure a user to click a malicious...
CVE-2020-3463 Cisco Webex Meetings Reflected Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-based management interface of the affected service. The vulnerability is due to insufficient...
CVE-2020-3472 Cisco Webex Meetings User Email Address Information Disclosure Vulnerability
A vulnerability in the contacts feature of Cisco Webex Meetings could allow an authenticated, remote attacker with a legitimate user account to access sensitive information. The vulnerability is due to improper access restrictions on users who are added within user contacts. An attacker on one...
CVE-2020-3472
CVE-2020-3472 affects Cisco Webex Meetings via the Contacts feature. An authenticated, legitimate user can exploit improper access controls on users added to a contact list to view other users’ details (names, email addresses) by sending specially crafted requests. Impact and affected behavior ar...
CVE-2020-3472 Cisco Webex Meetings User Email Address Information Disclosure Vulnerability
A vulnerability in the contacts feature of Cisco Webex Meetings could allow an authenticated, remote attacker with a legitimate user account to access sensitive information. The vulnerability is due to improper access restrictions on users who are added within user contacts. An attacker on one...
CVE-2020-3501 Cisco Webex Meetings Desktop App Information Disclosure Vulnerabilities
Multiple vulnerabilities in the user interface of Cisco Webex Meetings Desktop App could allow an authenticated, remote attacker to obtain restricted information from other Webex users. These vulnerabilities are due to improper input validation of parameters returned to the application from a web...